This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

FTPservices Definition collides with DNS for VPN

Hi,

I have 2 external WAN Interfaces. WAN1 handles SSL VPNs and WAN2 handles FTP and HTTP traffic. WAN1 owns primary uplink IP.

I have the following policy routes:
1. INT -> WebSurfing -> WAN2
2. INT -> FTP -> WAN2
with VPN established, that works.

If I change the 2. policy Route from FTP to FTPServices, which includes (FTP, FTPES and FTP_Port_Range_IANA), VPN works, but without DNS lookups.

FTP_Port_Range_IANA is defined by: 1:65535 → 49152:63000

Looks like that port range 49152 to 63000 overlaps DNS requests from VPN clients and will be routed through the wrong interface WAN2 and not WAN1.

How can I solve that ?

This thread was automatically locked due to age.

Parents

0 BAlfson over 15 years ago

Do you have "Internet" and "Internal (Network)" in 'Local networks' of the SSL VPN definition? (or "Any")

Do you have a masq rule for "VPN Pool (SSL)" out the WAN1 interface?

Can you reach our Bluehost webserver from a VPNconnection? http://69(dot)89(dot)20(dot)44/

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel
0 sfischer over 15 years ago in reply to BAlfson

Hi Bob,

thanks for your tipps. The Any definition in SSL local Networks did it.

Stefan
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 sfischer over 15 years ago in reply to BAlfson

Hi Bob,

thanks for your tipps. The Any definition in SSL local Networks did it.

Stefan
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data