This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cant access WebAdmin while on Cisco VPN

So my new setup is pretty basic.

Internal network is 10.1.1.1/24 and the Astaro box is 10.1.1.254. I can access WebAdmin via the external interface just fine. I can also access WebAdmin via the internal interface when I'm physically connected to the internal network.

However, when I connect via Cisco VPN client to the Astaro box (VPN pool is 10.1.1.96/29) which puts me on the inside network, I get the following:

23:57:38	WebAdmin connection attempt	TCP	10.1.1.97	:	62117	→	10.1.1.254	:	4444	[SYN]	len=52	ttl=128	tos=0x00	srcmac=0:1:64[:D]b:f8:1c	dstmac=0:9:6b:7f:6b:34

23:57:43	WebAdmin connection attempt	TCP	10.1.1.97	:	62118	→	10.1.1.254	:	4444	[SYN]	len=52	ttl=128	tos=0x00	srcmac=0:1:64[:D]b:f8:1c	dstmac=0:9:6b:7f:6b:34

23:57:43	WebAdmin connection attempt	TCP	10.1.1.97	:	62119	→	10.1.1.254	:	4444	[SYN]	len=52	ttl=128	tos=0x00	srcmac=0:1:64[:D]b:f8:1c	dstmac=0:9:6b:7f:6b:34

23:57:45	WebAdmin connection attempt	TCP	10.1.1.97	:	62117	→	10.1.1.254	:	4444	[SYN]	len=48	ttl=128	tos=0x00	srcmac=0:1:64[:D]b:f8:1c	dstmac=0:9:6b:7f:6b:34

23:57:46	WebAdmin connection attempt	TCP	10.1.1.97	:	62118	→	10.1.1.254	:	4444	[SYN]	len=52	ttl=128	tos=0x00	srcmac=0:1:64[:D]b:f8:1c	dstmac=0:9:6b:7f:6b:34

23:57:46	WebAdmin connection attempt	TCP	10.1.1.97	:	62119	→	10.1.1.254	:	4444	[SYN]	len=52	ttl=128	tos=0x00	srcmac=0:1:64[:D]b:f8:1c	dstmac=0:9:6b:7f:6b:34

23:57:52	WebAdmin connection attempt	TCP	10.1.1.97	:	62118	→	10.1.1.254	:	4444	[SYN]	len=48	ttl=128	tos=0x00	srcmac=0:1:64[:D]b:f8:1c	dstmac=0:9:6b:7f:6b:34

23:57:52	WebAdmin connection attempt	TCP	10.1.1.97	:	62119	→	10.1.1.254	:	4444	[SYN]	len=48	ttl=128	tos=0x00	srcmac=0:1:64[:D]b:f8:1c	dstmac=0:9:6b:7f:6b:34

23:58:04	WebAdmin connection attempt	TCP	10.1.1.97	:	62124	→	10.1.1.254	:	4444	[SYN]	len=52	ttl=128	tos=0x00	srcmac=0:1:64[:D]b:f8:1c	dstmac=0:9:6b:7f:6b:34

23:58:07	WebAdmin connection attempt	TCP	10.1.1.97	:	62124	→	10.1.1.254	:	4444	[SYN]	len=52	ttl=128	tos=0x00	srcmac=0:1:64[:D]b:f8:1c	dstmac=0:9:6b:7f:6b:34

23:58:13	WebAdmin connection attempt	TCP	10.1.1.97	:	62124	→	10.1.1.254	:	4444	[SYN]	len=48	ttl=128	tos=0x00	srcmac=0:1:64[:D]b:f8:1c	dstmac=0:9:6b:7f:6b:34

I currently have firewall rules to allow the 10.1.1.1/24 to any but that didn't help.

Any ideas?

This thread was automatically locked due to age.

Parents

0 BAlfson over 13 years ago

You will have routing problems if you modify the VPN Pools to overlap with the internal IPs. Change the "VPN Pool (Cisco)" back to 10.242.5.0/24.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 13 years ago

You will have routing problems if you modify the VPN Pools to overlap with the internal IPs. Change the "VPN Pool (Cisco)" back to 10.242.5.0/24.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 doublejz over 13 years ago in reply to BAlfson

Ok so I put the pool back to the original, jumped on VPN and still no good. The firewall logs show no allow or denies but the page doesn't load.

Out of curiosity I tried doing a traceroute to the internal Astaro NIC.

C:\Users\Owner>tracert 10.1.1.254

Tracing route to 10.1.1.254 over a maximum of 30 hops

  1  General failure.

Trace complete.

C:\Users\Owner>

C:\Users\Owner>route print 10.*

IPv4 Route Table

===========================================================================

Active Routes:

Network Destination        Netmask          Gateway       Interface  Metric

         10.0.0.0        255.0.0.0         On-link        10.242.5.1    281

         10.1.1.0    255.255.255.0         10.0.0.1       10.242.5.1    100

       10.242.5.1  255.255.255.255         On-link        10.242.5.1    281

   10.255.255.255  255.255.255.255         On-link        10.242.5.1    281

===========================================================================

Persistent Routes:

  None



IPv6 Route Table

===========================================================================

Active Routes:

  None

Persistent Routes:

  None



C:\Users\Owner>


Description . . . . . . . . . . . : Cisco Systems VPN Adapter for 64-bit Windows

Physical Address. . . . . . . . . : 00-05-9A-3C-78-00

DHCP Enabled. . . . . . . . . . . : No

Autoconfiguration Enabled . . . . : Yes

Link-local IPv6 Address . . . . . : fe80::e165:79cb[:D]85d:7b9b%20(Preferred)

IPv4 Address. . . . . . . . . . . : 10.242.5.1(Preferred)

Subnet Mask . . . . . . . . . . . : 255.0.0.0

Default Gateway . . . . . . . . . :

DHCPv6 IAID . . . . . . . . . . . : 603981210

DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-16-9D-7C-05-00-21-70-D5-1B-0C



DNS Servers . . . . . . . . . . . : 8.8.8.8

                                    8.8.4.4

NetBIOS over Tcpip. . . . . . . . : Enabled