Cannot access some customer sites WITHOUT VPN connection

Forbes Jenalyn Rose · ‎01-07-2013

Hi guys,

We are having a problem in China office, they canot access some of our customer sites without using VPN connection. They can ping and traceroute the sites but cannot access the GUI. As fas as I know, nothing was changed from our routers or firewall (I even restored the backup firewall config). Ports are opened from the firewall. With VPN connection our public IP is 116.xxx.xxx.5, with wired - 116.xxx.xxx.124-.125 and wireless 116.xxx.xxx.120 - .121.

Using wired connection, we cannot open 3 customer sites and another different 3 sites for wireless. ACL on customer sites has been confirmed that we are allowed.

Could anyone pls help me on this?

Thanks in advance.

Regards,

Jenna

shamax_1983 · ‎01-08-2013

Hi Jenna,

Can you please elaborate a little on your problem..

So you have bunch of customer sites connected to your office with VPN tunnels I imagine?. Users from China office connect to you office through VPN and then access thos customer sites, and they access customer internal IP ranges directly?

What do you mean by " With VPN connection our public IP is 116.xxx.xxx.5 , with wired - 116.xxx.xxx.124-.125 and wireless 116.xxx.xxx.120 - .121" ??

I don't quite understand what you mean..

Forbes Jenalyn Rose · ‎01-24-2013

Hi Shamal,

Sorry for the confusion.

We can access our customer site through access-list. They allow our IP from their access-list and we should be able to access their site.

Our China office IP address range (including wired, wireless or VPN) is allowed on the customer access list but they still cannot access. Except vpn.

We have NAT on our firewall so wired has an IP address of 116.xxx.xxx.120, wireless has an IP address of 116.xxx.xxx.124 and when connected to our corporate vpn, the ip address is 116.xxx.xxx.5.

Please help.

Regards,

Jenalyn