
SSL traffic fails to respond from WAN interface

Hi all

I have just provisioned a new WAN interface (LTE router) as a failover WAN at a site with latest UTM.

Any traffic from this WAN that hits an SSL endpoint on UTM or LAN (incl. WebAdmin, SSL VPN, SSH & other HTTPS servers) simply times out.

Any traffic hitting a HTTP service works just fine. Settings all the same. 

If I replace the LTE WAN with the fiber WAN, it works perfectly fine.

Netcat shows successful TCP handshake and connection, but no data is returned.

EDIT: just set up a netcat listen (nc -vvv -lkt 6666) on an internal LAN server, NATed the ports, tested 2-way "telnet" communications - works perfectly.

Nothing helpful shown in firewall logs.

Tried using valid HTTPS certificates - Still no response

Has me completely stumped.

Have the same LTE device and service at another site with an XG box and it works perfectly fine. (LTE router settings are exactly the same at both sites) 

Anyone have any ideas?

Thank you



This thread was automatically locked due to age.
  • What do your logs say?  Country Blocking affecting it?  I just had that issue myself, on vacation in Florida and I use Country Blocking.  I could connect but couldn't copy any files from my NAS over SSL VPN.  For some reason, the IP in Florida appears as an IP in India?  I had blocking 'From' India enabled.  Disabled it and VPN works fine now.  /shrug.

    Are you seeing anything in firewall logs?  If it's failover, are you testing it with your main line still established, or only on the failover?

    Just throwing out some ideas on this one, failover connections aren't my thing with UTM.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)
