Author Topic: Can ping MCD but not the Application Suite over VPN  (Read 2791 times)

Offline bigred1022

  • Contributer
  • *
  • Posts: 6
  • Country: us
  • Karma: +0/-0
    • View Profile
Can ping MCD but not the Application Suite over VPN
« on: July 13, 2015, 10:02:59 AM »
Looking for any ideas/thoughts on this as I'm completely fried.

We have a 3300 (on-site) with the following IP assignments:
192.168.1.19 (Applications Suite)
192.168.1.20 (MCD)
172.20.0.0 (All of our IP phones)
192.168.4.0 (Offsite network)

We are setting up an offsite office that will be using softphones over a site-to-site VPN tunnel using Sonicwall routers.

The issue we are experiencing is that the tunnel connects, we can ping everything except for the Applications Suite.  We can ping every phone as well.  I've been working with our vendor and Mitel support and they are both 100% stumped.  The MCD responds without issue.  The 192.168.4.0 network is in the list of Local Networks on the server, packet capture from both Sonicwall's show the packets coming in and properly being forwarded to .19.  However, .19 never responds.  We cannot even access via the web, it just times out. 

Has anyone had any experience with this type of issue at all?  Any help would be greatly appreciated.


Online ralph

  • Mitel Forums Admin
  • Hero Member
  • *****
  • Posts: 5767
  • Country: us
  • Karma: +469/-0
  • Published Author: http://amzn.to/2dcYSY5
    • View Profile
Re: Can ping MCD but not the Application Suite over VPN
« Reply #1 on: July 13, 2015, 11:02:15 AM »
If you log into the MAS via putty and do a traceroute what do you get?

Ralph

Offline bigred1022

  • Contributer
  • *
  • Posts: 6
  • Country: us
  • Karma: +0/-0
    • View Profile
Re: Can ping MCD but not the Application Suite over VPN
« Reply #2 on: July 13, 2015, 11:21:52 AM »
Traceroutes to .19 timeout (both ways).  However, if I do a traceroute to .20, .19 actually responds as a hop before hitting .20.

The phone system is installed as a virtual machine on an ESXi host if that makes a difference.

Online ralph

  • Mitel Forums Admin
  • Hero Member
  • *****
  • Posts: 5767
  • Country: us
  • Karma: +469/-0
  • Published Author: http://amzn.to/2dcYSY5
    • View Profile
Re: Can ping MCD but not the Application Suite over VPN
« Reply #3 on: July 13, 2015, 11:47:14 AM »
I'm looking to understood for a traceroute 'from' .19.

Ralph

Offline bigred1022

  • Contributer
  • *
  • Posts: 6
  • Country: us
  • Karma: +0/-0
    • View Profile
Re: Can ping MCD but not the Application Suite over VPN
« Reply #4 on: July 13, 2015, 11:50:06 AM »
What I did was putty into .19, did a traceroute to 192.168.4.216 (that's the ip of the offsite computer) and it times out. I should mention that I've been working with Sonicwall support and Mitel support to handle all the network tests.  What is just not making any sense is that .20 responds but .19 doesn't.
« Last Edit: July 13, 2015, 11:53:36 AM by bigred1022 »

Offline johnp

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 2202
  • Country: us
  • Karma: +66/-0
    • View Profile
Re: Can ping MCD but not the Application Suite over VPN
« Reply #5 on: July 13, 2015, 06:43:49 PM »
Have you added it to the local networks on the MAS?

Offline bigred1022

  • Contributer
  • *
  • Posts: 6
  • Country: us
  • Karma: +0/-0
    • View Profile
Re: Can ping MCD but not the Application Suite over VPN
« Reply #6 on: July 14, 2015, 08:09:28 AM »
Yes we did.  Mitel support has now pretty much given up (which is just fantastic).  They say our firewall isn't forwarding the traffic to .19.  However, I had to send them (for the 3rd time) the logs showing that the traffic is getting passed to it.  Here is part of it:

1   07/08/2015 22:53:13.560   X1*(i)   --   192.168.4.216         192.168.1.19   IP   ICMP   --   CONSUMED   74[74]
2   07/08/2015 22:53:13.560   X1*(hc)   X0   192.168.4.216      192.168.1.19   IP   ICMP   --   FORWARDED   74[74]
3   07/08/2015 22:53:13.560   --           X0*   192.168.4.216      192.168.1.19   IP   ICMP   --   FORWARDED   74[74]
4   07/08/2015 22:53:18.208   X1*(i)   --   192.168.4.216      192.168.1.19   IP   ICMP   --   CONSUMED   74[74]
5   07/08/2015 22:53:18.208   X1*(hc)   X0   192.168.4.216      192.168.1.19   IP   ICMP   --   FORWARDED   74[74]
6   07/08/2015 22:53:18.208   --           X0*   192.168.4.216      192.168.1.19   IP   ICMP   --   FORWARDED   74[74]

Online ralph

  • Mitel Forums Admin
  • Hero Member
  • *****
  • Posts: 5767
  • Country: us
  • Karma: +469/-0
  • Published Author: http://amzn.to/2dcYSY5
    • View Profile
Re: Can ping MCD but not the Application Suite over VPN
« Reply #7 on: July 14, 2015, 08:18:56 AM »
In the MAS server turn on packet capture and then look it over with Wireshark.
It should show you if you're getting the ICMP packets or not.

Ralph

Offline johnp

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 2202
  • Country: us
  • Karma: +66/-0
    • View Profile
Re: Can ping MCD but not the Application Suite over VPN
« Reply #8 on: July 14, 2015, 06:49:40 PM »
From what you say the default gateway for the MCD is the MAS at .19 and the MAS local network has the remote site routed via the firwewall address. That would be the only way .19 would be involved when trying to ping .20

I would think it's an access control issue in the firewall myself. If you can ping both from the firewall, that would narrow the issue down.

Offline boycey9

  • Full Member
  • ***
  • Posts: 182
  • Karma: +4/-0
    • View Profile
Re: Can ping MCD but not the Application Suite over VPN
« Reply #9 on: July 17, 2015, 05:30:32 AM »
From your earlier reply when you used putty on to your MAS server to traceroute to a PC you got a timeout so your MAS cannot reach the Tunnel.
Where does this fail?
How Many NICs have you got on the MAS are any bonded?


 

Sitemap 1 2 3 4 5 6 7 8 9 10