Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
187
Views
0
Helpful
0
Replies

Can't access https over S2S VPN

stamperbrian
Level 1
Level 1

‎08-01-2022 06:48 AM - edited ‎08-01-2022 07:24 AM

I have a S2S VPN between two locations.  Recently playing with Veeam and tried to deploy a VMWare backup proxy at the other end and kept getting errors that it couldn't connect to vCenter.  Playing with this I find out none of my machines at the remote site can pull up any SSL based page at my site.  ISE admin, FMC, vCenter, ESX hosts direct.  It all just spins.  I have everything going through a prefilter policy so its clear of any of the policy, I don't have any SSL policies, I can ping, RDP, AD DC replicates, vCenter manages the esx host all fine. Everything shows up fastpath in the log. 

I've tried, multiple machines and OS (Linux/Windows) at the remote site.  Attached is a wireshark capture from the PC.  Showing ping traffic to 192.168.69.40 (ISE) just fine.  Then following the request for https.  The browser just sits and spins and nothing ever comes up.  

In addition for a test I tried lowering the MTU on my lan/internet side interfaces to 1350 just to see if that would help.  No change there. 

Labels:
Preview file
361 KB
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents