05-01-2012 07:32 PM
Client SSL VPN configuration is working from client to server. The client can ping the server no problem. The server however, can not ping the client. What am I missing? The routes on the server appear to be correct, and I'm confident the packets are getting to the firewall but being dropped. I can't see them in the logs though... which to me screams like a routing issue. Any quick tips? Off to break out the manual...
05-01-2012 08:22 PM
Since the client can ping the server, this does not seem to be a routing issue. This could be a security policy issue. Do you have a security policy that allows pings from the server to the client? Also, try the following:
1. Start a continuous ping from the server to the client.
2. Open a CLI session to PAN and run the following:
> show session all filter source <server-ip> destination <client-ip>
You should see some ping sessions here. Are they in the ACTIVE state or DISCARD state? If you see sessions in ACTIVE state, try disabling the windows firewall on the client if not already disabled.
Thanks,
Ahsan
05-02-2012 07:04 AM
Result from that CLI is "no session active"...
05-02-2012 09:25 AM
ok, my bad... mixup in the policies. Was odd that I didn't see it dropping in the logs and such, but it is figured out now.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
