
Hyper-V Manager - The RPC Server is Unavailable Over VPN?

Hi all,

I've recently configured our Sophos UTM9 for SSL VPN and we're currently testing it out, but we've found we can't connect to our Hypervisors through Hyper-V Manager. It says: "the RPC Server is unavailable" on every one. We can ping the servers fine (using their DNS names), and RDP to them, but can't connect through Hyper-V. 

The odd thing is, we can do so when using our old VPN connection - OpenVPN through IPCop. I've been through both configurations and they seem to be exactly the same, so I can't figure out what could be wrong. 

Has anyone come across this before? Or does anyone have any suggestions as to what I can try? Do I possibly need to perform some additional configuration on the UTM? 

Any help with this would be appreciated.



This thread was automatically locked due to age.
  • Hi, Rob, and welcome to the UTM Community!

    Does #1 in Rulz give you any hints?

    Cheers - Bob

  • Hi BAlfson,

    Apologies about the delay - I didn't get an email saying you had replied to this thread!

    I've checked these but couldn't find anything. I worked out it was mostly a routing issue as now we can connect to 2 out of 5 of our hypervisors over this VPN connection. 

    When trying to connect to one of the three that don't work, Hyper-V says:

    "RPC server unavailable. Unable to establish connection between 'server' and 'client-pc'". 

    I can confirm DNS is working as I can ping all 5 of the servers from the client and vice-versa (and yes, it does come up with the correct IP address of 10.1.17.x). 

    I've run HV Remote and it fails on Step 8, saying:

    "Async notification query to root\virtualization\v2 WMI namespace

    FAIL - Notification query failed The RPC server is unavailable."

    What troubleshooting steps could I perform to resolve this issue? Any help with this would be greatly appreciated. 

  • I guess you're down to running espdump to see the traffic transiting the tunnel. [:(]

    Cheers - Bob

  • Hi there,

    Is there a possibility that you have Hyper-V's firewall set to reject traffic from specific subnets and the SSL VPN pool is not included? Or are you SNATing connections from the SSL VPN pool?

    Lastly, is the UTM the primary gateway for your network, so if the Hyper-V server is trying to dial back to the source it will reach the UTM for routing?

    One last thing: do you have a firewall rule to allow the Hyper-V server to initiate communications to the client?

    RPC and DCOM are horrible communication protocols that take the entire ephemeral port range and WMI for funsies.

    Emile

  • I managed to solve this today by running Wireshark and seeing that there was an entry saying:  "ICMP | Redirect | (redirect for host)" for the troublesome servers. 

    I created a firewall rule to allow ICMPv4 Redirect on them, and can now confirm it works perfectly. 

    Many thanks for the help and assistance with this :) 
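
For readers following the fix above: the Wireshark entry "ICMP | Redirect | (redirect for host)" is ICMP type 5, code 1. The Python below is an added example, not part of the original thread; it decodes such a packet to show which gateway the sender is being pointed at and for which destination. Every address in it (the VPN client, both gateways, the server's last octet) is constructed, and the two-gateway layout is an assumption about the kind of network where this occurs.

```python
import ipaddress
import struct

ICMP_REDIRECT = 5
REDIRECT_CODES = {0: "network", 1: "host", 2: "ToS and network", 3: "ToS and host"}

def build_ipv4(src, dst, proto, payload):
    """Minimal IPv4 header (checksum left at 0); only used to construct the sample."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, proto, 0,
                      ipaddress.IPv4Address(src).packed, ipaddress.IPv4Address(dst).packed)
    return hdr + payload

def parse_redirect(packet):
    """Return the details of an ICMP Redirect in a raw IPv4 packet, else None."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return None
    ihl = (packet[0] & 0x0F) * 4
    # Protocol 1 is ICMP; a redirect carries an 8-byte ICMP header plus the
    # IPv4 header of the packet that triggered it.
    if packet[9] != 1 or len(packet) < ihl + 8 + 20:
        return None
    icmp = packet[ihl:]
    if icmp[0] != ICMP_REDIRECT:
        return None
    inner = icmp[8:]  # header of the original packet that was routed "the wrong way"
    return {
        "sent_by": str(ipaddress.IPv4Address(packet[12:16])),
        "sent_to": str(ipaddress.IPv4Address(packet[16:20])),
        "kind": REDIRECT_CODES.get(icmp[1], f"code {icmp[1]}"),
        "use_gateway": str(ipaddress.IPv4Address(icmp[4:8])),
        "for_destination": str(ipaddress.IPv4Address(inner[16:20])),
    }

# Constructed sample: a server at 10.1.17.10 answers a VPN client at 10.242.2.6
# through its default gateway 10.1.17.1, which tells it to use 10.1.17.254 instead.
_inner = build_ipv4("10.1.17.10", "10.242.2.6", 6, b"\x00" * 8)
_icmp = struct.pack("!BBH4s", ICMP_REDIRECT, 1, 0,
                    ipaddress.IPv4Address("10.1.17.254").packed) + _inner
SAMPLE = build_ipv4("10.1.17.1", "10.1.17.10", 1, _icmp)

if __name__ == "__main__":
    print(parse_redirect(SAMPLE))
```

If the host firewall drops the redirect, the server keeps sending return traffic for the VPN pool to the gateway named in `sent_by` rather than the one in `use_gateway`.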
