Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.
COURSE of the MONTH
8 days, 19 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Cisco VPN & Windows File Server
Posted on 2016-08-16
i have customer running Cisco IPSEC Remote VPN to access their file server.
basically, the file server is behind second tier of their corp firewall. 1st tier firewall is belongs to their corp IT and maintenance by them.
my customer owned the 2nd tier firewall, and we just basically permit the VPN subnet to our server LAN. this setup has been works for 3 years and out of the sudden, the VPN users no longer able to access the file server.
if I run telnet to server's port 445, it can go through. only if I run \\ip address of the server, it will prompt error saying the network name no longer available. I have tried by name and IP also returned with same result.
I ran wireshark at the file server it self, and did a telnet from vpn client, I can see there is traffic come in from the client IP with port 445.
Much appreciate any help....
basically, the file server is behind second tier of their corp firewall. 1st tier firewall is belongs to their corp IT and maintenance by them.
my customer owned the 2nd tier firewall, and we just basically permit the VPN subnet to our server LAN. this setup has been works for 3 years and out of the sudden, the VPN users no longer able to access the file server.
if I run telnet to server's port 445, it can go through. only if I run \\ip address of the server, it will prompt error saying the network name no longer available. I have tried by name and IP also returned with same result.
I ran wireshark at the file server it self, and did a telnet from vpn client, I can see there is traffic come in from the client IP with port 445.
Much appreciate any help....
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
2 Comments
below are 2 logs that I found from firewall rules enabled incoming for VPN client to file server.
6 Aug 16 2016 15:49:02 302021 192.168.100.213 1 10.77.169.1 0 Teardown ICMP connection for faddr 192.168.100.213/1 gaddr 10.77.169.1/0 laddr 10.77.169.1/0
6 Aug 16 2016 15:49:00 302020 192.168.100.213 1 10.77.169.1 0 Built inbound ICMP connection for faddr 192.168.100.213/1 gaddr 10.77.169.1/0 laddr 10.77.169.1/0
6 Aug 16 2016 15:49:02 302021 192.168.100.213 1 10.77.169.1 0 Teardown ICMP connection for faddr 192.168.100.213/1 gaddr 10.77.169.1/0 laddr 10.77.169.1/0
6 Aug 16 2016 15:49:00 302020 192.168.100.213 1 10.77.169.1 0 Built inbound ICMP connection for faddr 192.168.100.213/1 gaddr 10.77.169.1/0 laddr 10.77.169.1/0
Active today
I would put Logging on both ends so that when you try to connect, the log will tell you at what point it failed.
Since it was working, there is probably a small setting that changed. But that is hard to know from the description above. That is why I suggests logs, and that is what I do.
Since it was working, there is probably a small setting that changed. But that is hard to know from the description above. That is why I suggests logs, and that is what I do.
Featured Post
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty.
Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012.
Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses
Course of the Month8 days, 19 hours left to enroll
765 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.