External port on MAG2600

bjstone_ · ‎09-15-2011

Hi,

I am trying to set up the external port.

At the moment I have the external port connected to a router that is using NAT to send traffic on 443 from the external IP address to the IP address of the external port.

The internal port is connected to the corporate LAN.

The External and Internal Ports are on different Subnets.

When I try to connect to the SSLVPN Via the internet I get 'Internet Explorer cannot display the webpage'. I have connected to the router an am able to ping the SSL VPN.

Any advice would be appreciated.

Kind Regards

zanyterp_ · ‎09-15-2011

Do both ports work while on the LAN?

Does your router show any drops?

RKB_ · ‎09-20-2011

Please set up a TCP dump on the external interface to see if incoming connections are indeed reaching the SA.

Goto troubleshooting -> tools -> TCP dump. Start sniffing on the external and attempt a connection.

Once done save the file to computer in RAW format and use wireshark to check the captured trace. This should tell you if there is a network level issue.

bjstone_ · ‎09-20-2011

Hello,

Sorry for taking so long to respond.

Since my last message I have changed the setup so only the internal port is being used.

I still get the same problem when trying to connect from the internet (internal requests are fine).

I will check the TCP Dump as suggested.

Are there any known problems using CISCO Routers for the NAT Translation to a Juniper SSLVPN?

bjstone_ · ‎09-20-2011

I have run a TCP Dump on the vpn.

I can see the packet coming from adsl line to the vpn. I also see that vpn acknowledges the packet.

There appears to be no further communication between the vpn and the outside world.

External port on MAG2600

External port on MAG2600

Re: External port on MAG2600

Re: External port on MAG2600

Re: External port on MAG2600

Re: External port on MAG2600