SSL VPN Routing

cancel
Showing results for 
Search instead for 
Did you mean: 

SSL VPN Routing

L3 Networker

Client SSL VPN configuration is working from client to server.  The client can ping the server no problem.  The server however, can not ping the client.  What am I missing?  The routes on the server appear to be correct, and I'm confident the packets are getting to the firewall but being dropped.  I can't see them in the logs though... which to me screams like a routing issue.  Any quick tips?  Off to break out the manual...

3 REPLIES 3

L3 Networker

Since the client can ping the server, this does not seem to be a routing issue.  This could be a security policy issue.  Do you have a security policy that allows pings from the server to the client?  Also, try the following:

1. Start a continuous ping from the server to the client.

2. Open a CLI session to PAN and run the following:

> show session all filter source <server-ip> destination <client-ip>

You should see some ping sessions here.  Are they in the ACTIVE state or DISCARD state?  If you see sessions in ACTIVE state, try disabling the windows firewall on the client if not already disabled.

Thanks,

Ahsan

Result from that CLI is "no session active"...

ok, my bad... mixup in the policies.  Was odd that I didn't see it dropping in the logs and such, but it is figured out now.

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!