cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
423
Views
0
Helpful
2
Replies
Highlighted
Beginner

Can not ping/connect to our ESA from remote network

Hello,

I just joined a small company and I am familiarizing with the Ironport ESA appliance (C100V).

 

I can't figure out why can't our branch office (LAN2LAN) access to the ESA like we do in main office ? 

 

I went through all our network settings (router, switches, acl, nat, routes ...) everything is fine : branch office can communicate with every hosts in the same LAN than the ESA except the esa himself.

Tried to create a new LAN on the main office router to see if it could ping the ESA and it could not (again, ACL etc. are fine)

 

So naturally I concluded it was a software setting that I can't seem to find neither on ESA web interface or through SSH commands...  Is there some sort of firewall on the asyncos or any other rule ?

 

=>  In Sys administration > network access > User Access: I have Allow Any Connection

=> I successfully ping branch office LAN from the ESA (with SSH)

 

Thank you

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Enthusiast

That sounds to me like you could have an issue with the routes defined on your ESA.

As part of ESA setup process normally a default route is created.

 

Please check your entries under Network / Routing / ipv4 default route.

You might need to add a second route for your LAN2LAN configuration.

 

Are both networks using the same virtual interface or different ones ?

 

 

View solution in original post

2 REPLIES 2
Highlighted
Enthusiast

That sounds to me like you could have an issue with the routes defined on your ESA.

As part of ESA setup process normally a default route is created.

 

Please check your entries under Network / Routing / ipv4 default route.

You might need to add a second route for your LAN2LAN configuration.

 

Are both networks using the same virtual interface or different ones ?

 

 

View solution in original post

Highlighted

You are right ! the specific route was missing. 

I've added it before but I forgot to press the "commit changes" button ...

 

Thank you so much!