IPMIView Blocked on one VLAN but not on VPN?

Hi there. I seem to be having a rather odd problem. I have my local network set up with several VLANs. Two of them are the Management VLAN (VLAN 10) and Users VLAN (VLAN 20). They are on 10.0.10.0/24 and 10.0.20.0/24 respectively. I also have VPN set up. Generally, all seems to work fine.

In order to allow me to manage servers and the like, I created a firewall rule that allows authenticated users access to VLAN 10, either from VLAN 20 or the VPN. When I'm on VLAN 20, I use the network authentication agent, and when I use VPN that's taken care of when I login to the VPN client software.

Generally speaking, everything seems to work just fine. I can access VLAN 10 when I need to. With one exception: Supermicro IPMIView. The odd part about this is that IPMIView works just fine when I'm accessing remotely through the VPN, but cannot see the server when I authenticate on VLAN 20. When I try scanning the IP range in 10.0.20.0 for the server in IPMI, it finds nothing. However, I can otherwise access the server just fine. I can ping the management UI IP address, access other admin stuff (that is only available on VLAN 10), etc. It's only IPMIView that doesn't work. Web access to the IPMI WebGUI on the server works just fine from VLAN 20. When I check the firewall log, nothing seems to be blocked that is originating from the PC on VLAN 20 on which I'm attempting to access VLAN 10.

I'm not necessarily sure this is a Sophos problem - maybe IPMIview has a problem with a server being on a different subnet, though for the life of me I'm not sure why it would when everything else works. But I thought I'd perhaps check here to see if maybe I've misconfigured something on the firewall. Any suggestions would be most appreciated.

Also FWIW the reason I need IPMIview instead of the IPMI WebGUI is because console functionality is broken on the latter but not the former.



  • Hello dma0,

    First you would need to check if the system traffic is forwarded to the intended server while accessing IPMIView. Since it is pinging, it does mean that there is no issue with the route, but you may need to check by disabling the local firewall (if you have any) and also take a packet capture from the XG firewall. You may use this KBA and use the string "host <IPMIView address> and port <portnumber>" and check if the packet is being delivered to the destination with the correct port/MAC and IP address.

  • Thank you very much Aditya. I will give that a try.

  • So I finally had a chance to do this. Some rather odd results. Or at least results that I cannot really make heads or tails of. So I disabled the local firewall on my laptop completely, then configured and turned on packet capture in Sophos XG, then fired up IPMIView on my laptop. Tried logging in through IPMIview and not surprisingly it didn't work. Tried scanning for the server. Also did not work, as expected. This was from VLAN 20 after logging in with the network authentication agent. However, packet capture showed exactly nothing going between my laptop and the server. Zero packets.

    I thought this was a bit odd, so opened up a console and pinged the server (which responded). Voila, a bunch of packets. Also tried the web interface for IPMI for the server. Again, a bunch of packets show up.

    So I figure, gee, it must be something wrong with IPMIview on my laptop, or something else that's problematic on my laptop, and not Sophos. When I had been accessing remotely via VPN, it had been from a different PC (but I didn't think that was the source of the problem).

    Anyway, to see if the problem was my laptop or the instance of IPMIview I had installed on it, I figured, hey, I have IPMIview on my phone, so why not give that a try? So I first tried from VLAN 20, again with the same result. No connection, unsuccessful scan, no packets. I then turned off WiFi, connected via VPN, and IPMIview works perfectly.

    All of the above mystifies me somewhat. Unless there are some very serious issues in XG (i.e. packet capture isn't working correctly or isn't reporting correctly) which I doubt, it seems the only other possible causes would be either my wireless access point or my switch, neither of which have ever blocked anything ever (AFAIK). Actually just ruled out the WAP by connecting with a cable - no difference. 

    Appreciate the suggestions. At least I've been able to rule out Sophos as the cause of this issue.

     

    Aditya Patel said:

    First you would need to check if the system traffic is forwarded to the intended server while accessing IPMIView. Since it is pinging, it does mean that there is no issue with the route, but you may need to check by disabling the local firewall (if you have any) and also take a packet capture from the XG firewall. You may use this KBA and use the string "host <IPMIView address> and port <portnumber>" and check if the packet is being delivered to the destination with the correct port/MAC and IP address.
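
Added example, not part of the original thread: a single-host check to run while the XG packet capture described above is active, sending one RMCP/ASF Presence Ping and decoding the Presence Pong so the capture shows whether IPMI-over-LAN datagrams cross the VLAN boundary. It assumes the BMC listens on the standard RMCP port, UDP 623 (the thread never states which port IPMIView uses), and the host address is supplied by the operator.

```python
import socket
import struct
import sys

RMCP_PORT = 623   # assumption: standard asf-rmcp port for IPMI over LAN
ASF_IANA = 4542   # ASF enterprise number present in every ASF message
PING, PONG = 0x80, 0x40


def build_presence_ping(tag: int = 0) -> bytes:
    """RMCP header (version 6, seq 0xFF = no ACK, class ASF) + Presence Ping."""
    rmcp = bytes([0x06, 0x00, 0xFF, 0x06])
    return rmcp + struct.pack(">IBBBB", ASF_IANA, PING, tag, 0x00, 0x00)


def parse_presence_pong(data: bytes):
    """Return the pong fields, or None when data is not a valid Presence Pong."""
    if len(data) < 12 or data[0] != 0x06 or data[3] != 0x06:
        return None
    iana, msg_type, tag, _, length = struct.unpack(">IBBBB", data[4:12])
    if iana != ASF_IANA or msg_type != PONG or length < 16:
        return None
    body = data[12:12 + length]
    if len(body) < 16:          # truncated datagram
        return None
    # Byte 8 of the pong body is "supported entities"; bit 7 means IPMI.
    return {"tag": tag, "ipmi_supported": bool(body[8] & 0x80)}


def probe(host: str, timeout: float = 2.0, tag: int = 0x2A):
    """Send one ping to host; return the parsed pong, or None on no answer."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(build_presence_ping(tag), (host, RMCP_PORT))
        try:
            data, _ = s.recvfrom(512)
        except socket.timeout:
            return None
    pong = parse_presence_pong(data)
    return pong if pong and pong["tag"] == tag else None


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: rmcp_ping.py <BMC address>")
    result = probe(sys.argv[1])
    print(result if result else "no Presence Pong (dropped, filtered, or never sent)")
```

If the capture shows the ping leaving the client VLAN but no pong returning, the loss is on the return path; if the capture shows nothing at all, the datagram never reached the firewall.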