01-06-2017 09:37 AM
Hi,
I am unable to get any response from IronPort server placed in a Data center. I have checked with our firewall team and they said as below:
As suggested this issue should be looked on the host (Iron Port). There are probably multiple interfaces in use and the host should have some routing in place. I am assuming that the return traffic may be sent out from a different interface. I suggest you engage your Iron Port administrators to look into this.
Could you please let us know how I can proceed further. It is very important. Thank you so much!!
01-06-2017 09:47 AM
Hi,
Could you confirm what method you are using to connect to the appliance? Http, Https, SSH, etc?
You can try using a console access to the appliance to confirm the device is operational, you would also need access to the appliance to confirm the interface configuration, routing, etc.
If the device is not accessible even through console then the device would need to be RMA'ed depending on your service contract for the appliance.
Regards
Libin Varghese
01-06-2017 09:53 AM
Hi Libin,
I am using Https and SSH to connect to the appliance and as per the response from our Firewall team as below. So, is there any routing table we can configure to IronPort server (Examine the routing)? in order to send out the packets.
"As suggested this issue should be looked on the host (Iron Port). There are probably multiple interfaces in use and the host should have some routing in place. I am assuming that the return traffic may be sent out from a different interface. I suggest you engage your Iron Port administrators to look into this"
01-06-2017 10:00 AM
Hi,
Local addresses are identified by applying the interface netmask to the interface IP address. Both of these are set via the Network > Interfaces page or by the interfaceconfig command
(or during system setup). If the address space overlaps, the most specific netmask is used. If a destination is local, packets are sent via the appropriate local interface.
If the destination is not local, packets are sent to the default router (set via the Network > Routing page or with the setgateway command). The IP address of the default router is local. The output interface is determined by the rule for selecting the output interface for local addresses. For example, AsyncOS chooses the most specific IP address and netmask that include the default router's IP address. The routing table is configured via the Network > Routing page (or via the routeconfig command). A matching entry in the routing table takes precedence over the default route. A more specific route take precedence over a less specific route.
You would still need console access to the appliance at least to verify any of this configuration since https and ssh is not working.
- Libin V
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide