Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Massimiliano
Explorer

Remote client is not reachable from local LAN

Hi, we have a issue to reach the PC in remote vpn from LAN server. The PC is able to reach the server, but if the server start a connection on destination port tcp 2701, we saw the traffic went out of the FW, but the connection failed (timeout) and not packet are capture from wireshark.

I suspect a problem on remote vpn client checkpoint (with nat and port translation).

Could you help me to solve this issue?

Best Regards

Massimiliano

0 Kudos
6 Replies
PhoneBoy
Admin
Admin

Have you enabled this option in Global Properties?

image.png

0 Kudos
Massimiliano
Explorer

Hi,

we have the properties configured as reported below

 

Immagine 2023-10-13 101311.png

0 Kudos
PhoneBoy
Admin
Admin

What’s the version/JHF?
What precisely did you see?
The actual tcpdump/fw monitor output might help.
Did you check with fw ctl debug to see if the traffic got dropped?

0 Kudos
Massimiliano
Explorer

The version is R81 take 74. We did a tcpdump on FW and we saw the packet.

We also configure Remote Desktop rule as reported below.

 

Immagine 2023-10-13 175137.png

0 Kudos
PhoneBoy
Admin
Admin

This is for the policy on the client.
What about the Access Policy on the gateway: is there an explicit rule that allows the communication?

tcpdump will only tell you that the packet was received by the gateway, it won't tell you where the traffic goes once it gets there.
fw monitor should tell you where the traffic "disappears" to (note the in/out of the various chains), which should aid in further troubleshooting.

0 Kudos
Massimiliano
Explorer

We found a issue on remote PC. Now the connectivity is okay.

Thanks for your suggestions.

Regards

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events