Re: Portforward in not working when on anyconnect

MarkDagley51280 · ‎05-05-2021

Hi I have a Cisco RV340 and I have set up port forwarding for ports 80 and 443 to point to a server on the internal network.

if I access the address externally it works fine, if I access this from a machine on the network it also works fine.

However, if I try to access that from a machine that is connected to the office via AnyConnect I get the message your internet access is blocked.

the DNS entry is pointing at our external IP address and the internal network is in the range 192.168.1.x the VPN range is 192.168.5.x .

also if I ping the address I get General Failure

can anyone help resolve this?

nagrajk1969 · ‎05-14-2021

Hi

This is unfortunately due to the DNS-server you are using on the AnyConnect-Client-Host. Its resolving your server fqdn (say for example its server.somedomain.com) to the external wan-ipaddr of the RV340 (on which you have setup port-forwarding)

Since you have used AnyConnect to get access to your internal network, Do you have any Internal-DNS servers resolving the server.somedomain.com to a internal ipaddress? (such as 192.168.1.101 which would be the server ipaddress for example)

If yes, then in the ssl-vpn server, you should change the dns-server settings to as shown in the attached schematic

Else the only best way to access your server now in this present circumstances would be to

a) connect using the ipaddress instead of fqdn...such as https://192.168.1.101/

Note: there is another hard way...that is to, edit the c:\windows\system\drivers\etc\Hosts (maybe the location is some other place now in windows...but the file is "Hosts" for sure) and enter as below in a line by itself

192.168.1.101 server.somedomain.com