Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
674
Views
0
Helpful
3
Replies

IronPort server not sending packets

pbabu6001
Level 1
Level 1

‎01-06-2017 09:37 AM

Hi,

I am unable to get any response from IronPort server placed in a Data center. I have checked with our firewall team and they said as below:

As suggested this issue should be looked on the host (Iron Port). There are probably multiple interfaces in use and the host should have some routing in place. I am assuming that the return traffic may be sent out from a different interface. I suggest you engage your Iron Port administrators to look into this.

Could you please let us know how I can proceed further. It is very important. Thank you so much!!

Labels:
0 Helpful
3 Replies 3

Libin Varghese
Cisco Employee
Cisco Employee

‎01-06-2017 09:47 AM

Hi,

Could you confirm what method you are using to connect to the appliance? Http, Https, SSH, etc?

You can try using a console access to the appliance to confirm the device is operational, you would also need access to the appliance to confirm the interface configuration, routing, etc.

If the device is not accessible even through console then the device would need to be RMA'ed depending on your service contract for the appliance.

Regards
Libin Varghese

0 Helpful

pbabu6001
Level 1
Level 1
In response to Libin Varghese

‎01-06-2017 09:53 AM

Hi Libin,

I am using Https and SSH to connect to the appliance and as per the response from our Firewall team as below. So, is there any routing table we can configure to IronPort server (Examine the routing)? in order to send out the packets.

"As suggested this issue should be looked on the host (Iron Port). There are probably multiple interfaces in use and the host should have some routing in place. I am assuming that the return traffic may be sent out from a different interface. I suggest you engage your Iron Port administrators to look into this"

0 Helpful

Libin Varghese
Cisco Employee
Cisco Employee
In response to pbabu6001

‎01-06-2017 10:00 AM

Hi,

Local addresses are identified by applying the interface netmask to the interface IP address. Both of these are set via the Network > Interfaces page or by the interfaceconfig command
(or during system setup). If the address space overlaps, the most specific netmask is used. If a destination is local, packets are sent via the appropriate local interface.

If the destination is not local, packets are sent to the default router (set via the Network > Routing page or with the setgateway command). The IP address of the default router is local. The output interface is determined by the rule for selecting the output interface for local addresses. For example, AsyncOS chooses the most specific IP address and netmask that include the default router's IP address. The routing table is configured via the Network > Routing page (or via the routeconfig command). A matching entry in the routing table takes precedence over the default route. A more specific route take precedence over a less specific route.

You would still need console access to the appliance at least to verify any of this configuration since https and ssh is not working.

- Libin V

0 Helpful
Customers Also Viewed These Support Documents