Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

No access to the web admin via VPN-NAT since V20 MR1 update

Hello everyone,

We are accessing a customer appliance via IPSEC-S2S VPN.
Access is made to an IP that is NATed in the tunnel on the customer side and translated in the IPSec config on the customer side. Nothing special, has always worked.
In addition, there is ACL with DST:ANY, which allows access from our SRC subnet, which is also in the tunnel.

Now to the problem - since the V20-MR1 update I can no longer access the web admin via VPN. SSH via VPN works. Access to the web admin via the WAN interface also works (I have extended the ACL for this, so it can't actually be the ACL).
Since it also works on the WAN interface, it is probably not due to the web service. The appliance has already been rebooted.

Does anyone have any ideas?

Kind regards!



This thread was automatically locked due to age.
Parents
  • Hi,

    same problem here. We updated some devices yesterday for two customers. Admin web access for customer A is ok, for customer B not accessable. Firmware is SFOS 20.0.1 MR-1-Build342. Other traffic between the IPSEC tunnel is working normally. Settings for device access are ok, no specific blocks in firewall rules but the diagnostic tool says "blocked" with no specific rule (ID:0).

Reply
  • Hi,

    same problem here. We updated some devices yesterday for two customers. Admin web access for customer A is ok, for customer B not accessable. Firmware is SFOS 20.0.1 MR-1-Build342. Other traffic between the IPSEC tunnel is working normally. Settings for device access are ok, no specific blocks in firewall rules but the diagnostic tool says "blocked" with no specific rule (ID:0).

Children