Help : Can't access (Funk Software) Proxy Host Vpn client

falain · ‎05-06-2004

Remote PCs are connected transparently through Easy VPN

tunnel using Spoke (remote) C837 (PSK / Network Mode) and PIX on Hub site.

Everything works fine, I can ping remotes from Hub site

, Telnet Spoke Vpn Router,remote PCs can get IP params from DHCP server on Hub site.

I use Funk Software Proxy Master (V4.10) to get control on remote Hosts.

It works fine if control is established from remote PCs to Hosts on Hub site.

Impossible to establish from Hub site to remote VPN site PCs.

I Tried using UDP/IP and TCP/IP (port 1505).

With a sniffer on proxy master host and TCP/IP, I see

a RST/Ack in return to inital TCP Syn.

On remote vpn site PCs, nothing captured.

On Pix, I doesn't see any logged denied messages nor on C837 (logging-rate can miss some msgs).

I tried with RealVNC, another remote control product, it works fine !

So what happens with Proxy ?

In which is it different from VNC ?

drolemc · ‎05-12-2004

I remember reading somewhere that Funk Proxy uses broadcasts and that makes it incompatible with IPSec (which works for unicast only). It is strange thus that it's working for you in one direction. Are you sure that it's working over the IPSec tunnel. I don't think it will.

falain · ‎05-12-2004

I sniffed all traffic on local and remote PC.

1) Proxy master from remote to local

UDP or TCP request comes but local PC (mine) answers with ICMP port unreachable (1505). It works on another PC but mine doesn't.

2) Proxy master from local to remote

I put debug IP packet on C837 (VPN router) and sniffer on remote: Nothing appears on remote PC. ON C837 debug, nothing about UDP / TCP port 1505 nor on source / dst IP address involved.

Also,nothing denied on Pix debug and log msgs.

May be packets are filtered but not reported in log or debug.

On source local station, with UDP, I see only UDP requests and with TCP, TCP/Syn is followed by TCP/Rst Ack. So, where does TCP answer comes from ?