Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Wierd Remote access networking problem

Posted on 2003-11-19
8
Medium Priority
?
796 Views
Last Modified: 2013-12-07
Hi there,

I am having a wierd problem accessing a remote network, lets call this network AWAY.

Here is the situation, When I am at my corporate office and want to access AWAY via Terminal Services, SSH, or a HTTP Remote management browser (Linksys Firewall Browser) etc... I cant reach it from my OFFICE network.

Now here is where it starts to get wierd.

I can connect VIA Remote Desktop/ SSH or whatever from my DMZ, or another Network.

I can connect to other IP addresses via RDP etc.. from OFFICE

OFFICE to AWAY connections used to work

Now the last thing I just tried was NATTING a new IP to my computer at OFFICE and attempting to connect to AWAY with the new Public IP. This also fails?

So, it looks like there is something in my Firewall (3Com Superstack 3) that is restricting a connection to my AWAY IP address.


I have specifically made policies to allow connections to the AWAY address be allowed from the LAN at OFFICE and looked for anything that specifies the AWAY address, but to no avail.

Does it sound like I am on the right path, or have I overlooked something obvious?

Thanks,

Mike
0
Comment
Question by:UnifiedIT
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 2
  • 2
8 Comments
 
LVL 2

Accepted Solution

by:
rccguy earned 450 total points
ID: 9781439
check your router at the Away network to make sure that you haven't turned off any services that need to be running for SSH or remote desktop to work.  You could also try to connect to Away from another network and see if the problem is your Office network or the Away network.  I would suggest that if it used to work than track back from today to when it quit working and take note of all the changes that have taken place on both networks and start eliminating things that wouldn't make a difference.  If you've been playing with your policies check them against your originals and make sure they match up, if not set them back to when they were working and check your connection again.  Just some suggestions to try.
0
 
LVL 2

Author Comment

by:UnifiedIT
ID: 9781454
thanks rccguy,

Yeah, I can connect to AWAY from other networks, including the DMZ at my OFFICE.

I have been trying to track it back, but Its really wierd ( like I stated in my title) :)

0
 
LVL 16

Assisted Solution

by:The--Captain
The--Captain earned 150 total points
ID: 9781949
Using tcptraceroute will go a long way towards solving this one for you.

Cheers,
-Jon
0
Simplify Your Workload with One Tool

How do you combat today’s intelligent hacker while managing multiple domains and platforms? By simplifying your workload with one tool. With Lunarpages hosting through Plesk Onyx, you can:

Automate SSL generation and installation with two clicks
Experience total server control

 
LVL 2

Expert Comment

by:rccguy
ID: 9782037
Well there is definetly a policy setup in your firewall that is preventing you from connecting from Office.  I would suggest going through them and see what might be giving you the problem.  If your comfortable with posting it I'll try to help you figure it out.  We'd also need to know the type of firewall your using.  I'm betting that SSH or some service is turned off or something as been setup to restrict access to outside networks in the firewall.  To verify try a tracert on the away network and see where if the problem is accessing the network or if it could be a protocol issue.
0
 
LVL 2

Author Comment

by:UnifiedIT
ID: 9782054
Ok...

I cant ping or trace route the public IP of the remote network from the OFFICE LAN.

I can tracert/ping the AWAY network from my DMZ though..

The same goes for the gateway that I try to ping for the remote networks ISP?

All I see when I tracert is the first hop (my routers ethernet port) then it dies?

It look like it must either be my firewall, or possibly something along the line of ACL's on my routers? Ill have to check into some more here!

Any other ideas? Opinions etc...
0
 
LVL 2

Author Comment

by:UnifiedIT
ID: 9782132
rcguy,

one more thing before I post policies..

Its a 3com superstack 3 firewall and I because I see that all the services that I try to connect to at this IP (AWAY) are not working, lets just go with the http interface at the AWAY site. Since it was http, I would think that any policy would almost have to be specific to the AWAY IP address? Simply because I can use this, SSH, RDP etc on other remote addresses, my last post suggests that the firewall has a problem with the whole subnet!

If I jump a subnet up or down, I can ping those.... for ex I can ping x.x.118.whatever, cant ping x.x.119.whatever, can ping x.x.120.whatever..  I know that comcast owns the x.x.118.0/23 block, so the first two fall within their network...

hmmm...
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 9783637
No, no, not tracert (although that can help some), but tcptraceroute...

tcptraceroute (originally a linux tool but I think there are now windoze equivalents) will send packets on a particular tcp port (ie ssh), but otherwise behaves exactly like traceroute.  Using tcptraceroute will tell you exactly who is blocking your packets.

Cheers,
-Jon

0
 
LVL 2

Author Comment

by:UnifiedIT
ID: 9788088
Thanks for the help guys.

This ended up being something kinda simple.

First, thanks for the new tool there Captain, that will be helpful in the future, it didnt exactly solve my problem this time, but helped lead to me getting this.

I went back and looked at what was changed along with policies as rc suggested. It was actually a VPN SA that I was testing for the remote network. Apparently, the network info that I entered was wrong, and as soon as I deleted the SA, all was well.

Thank you for you help again.

Mike
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This program is used to assist in finding and resolving common problems with wireless connections.
This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question