Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 10 replies
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 7399 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WebAdmin access gone after Up2Date 9.4004.005

marcelbleeker

Hi all,

Curious problem that I can not solve via other posts:

After update our firewalls, I'm not able to access the Webadmin via the WAN ports.

And yes I added the access to the correct network (even checked it via the console)
And yes I checked if the user has access.

FW01 / FW02 / FW03: UTM9 appliance
FW04 : ASG220 appliance

This all worked fine for many years now, but after the update the situation is as on the drawing.

Please advise / help.

Greetz,

Marcel.



This thread was automatically locked due to age.
Parents
  • 0

    Hi Marcel,

    Check if any DNAT rule is configured to map the incoming requests on WAN address. 

    Are you able to access Web Admin from internal network? Take SSH to UTM and execute /etc/init.d/httpd restart . Let us know if that helps.

    Thanks

  • 0 in reply to sachingurung

    Hi sachingurung,

    On one of the walls, we have the following:

    1 masquerading rule LAN -> WAN-side

    1 SNAT host1 -> message Queuing ports > host X on WAN side

    1 SNAT host2 -> message Queuing ports > host X on WAN side

    1 DNAT WAN -> Terminal Apps. -> LAN

    But these were also active before the issue occurred.

    Greetz,

    Marcel.

  • 0 in reply to marcelbleeker

    Hi Marcel,

    Did restarting the HTTPd services help? It can be hard to tell why the GUI services are stuck if it is not caused due to an incorrect DNAT or the GUI services responsible for it.

    Take tcpdump for the remote IP address and check if you receive the request packets on the UTM, alongside also capture *.log grepping the remote IP address, if UTM is dropping the connection then you will capture some information here.

    Thanks

Reply
  • 0 in reply to marcelbleeker

    Hi Marcel,

    Did restarting the HTTPd services help? It can be hard to tell why the GUI services are stuck if it is not caused due to an incorrect DNAT or the GUI services responsible for it.

    Take tcpdump for the remote IP address and check if you receive the request packets on the UTM, alongside also capture *.log grepping the remote IP address, if UTM is dropping the connection then you will capture some information here.

    Thanks

Children
No Data