NGAF cannot Communicate With server

Newbie401373 Lv1 Posted 10 May 2024 11:17

Last edited by Newbie401373 10 May 2024 17:34.

When we are using SSLVPN we can communicate with all endpoints, but there is only 1 server that we can't communicate with / access. Looking at NGAF and Endpoint Secure Manager, port 3389 is open for TCP/UDP. Any ideas what to fix? Thanks

Newbie401373 Lv1 Posted 10 May 2024 14:12

We have been trying to uninstall the EDR on that endpoint and NGAF works fine; after installing EDR again it won't work. All ports are properly connected.

Enrico Vanzetto Lv4 Posted 10 May 2024 14:54
  
Hi, on the EDR web UI, could you check whether you have any policy restrictions on RDP?
Please go to the policy section of your EDR appliance and select the corresponding group where your server resides.
After that, first try disabling this secondary authentication by unticking this option:

For testing purposes, you can also try disabling this setting about RDP

Newbie401373 Lv1 Posted 10 May 2024 14:59

No, still can't do it. The only trouble we have occurs when we are using the SSLVPN: after connecting we cannot communicate with one of our servers, and once we uninstall the EDR we can communicate with the server. No configuration was changed, and suddenly we cannot use the VPN to access the server.

Farina Ahmed Lv5 Posted 10 May 2024 16:15
  
Please ensure that the SSLVPN configuration includes the correct routes to reach the server's network. Also, verify whether there are any network policies or access control lists restricting access to the server. If all else fails, check for any potential issues with DNS resolution or IP routing that might be preventing communication. Hopefully the issue will resolve after that.

Newbie517762 Lv5 Posted 10 May 2024 16:17
  
Hi,

Perhaps you can refer to this similar issue - the server cannot access the Internet and is not able to ping by LAN PC after enabling ES Agent.
Please find the attachment for your reference.
Server cannot access Internet and not able to ping.pdf (277.39 KB, Downloads: 576)

I hope it can assist you in resolving the issue.

Enrico Vanzetto Lv4 Posted 10 May 2024 19:58
  
OK, so if I understand correctly, your server sits on the same network segment as the other servers/clients, right? After installing EDR on this server, if you connect from an external network to your company network through VPN SSL, the only server that's unreachable on RDP is this server with EDR, right?
Could you reinstall EDR on this server, disable Windows Firewall and try to ping or connect with RDP again from VPN SSL?
If you still can't connect, try installing a web server like XAMPP and try to reach it from VPN SSL (XAMPP is a little tool that allows you to have an Apache server working on the well-known ports).

Prosi Lv3 Posted 11 May 2024 18:28
  
Hi,

#Configuration# Sangfor NGAF Route mode
To configure Sangfor NGAF in Route mode setting.
Topology:
https://labs.sangfor.com/forum.php?mod=viewthread&tid=7456
Requirements
1. NGAF with firmware version of 8.0.35.
2. NGAF - Layer 3 switch point-to-point connection

Rotring Lv2 Posted 11 May 2024 19:39
  
Hi,
Here are some ideas on why you can't access one specific server through SSLVPN while you can access others, even though ports seem open on the NGAF (Next-Generation Application Firewall) and Endpoint Secure Manager:

1. Access Control Issues:

Firewall Rules: Double-check firewall rules on the SSLVPN server or NGAF. There might be a rule unintentionally blocking access to that specific server's IP address or port (3389 for RDP).
Split Tunneling: If split tunneling is enabled, ensure the server you can't access is included in the list of resources allowed through the VPN tunnel. By default, split tunneling might route non-work traffic outside the VPN, potentially blocking access to internal servers.
Endpoint Security Restrictions: Endpoint security software on the server you can't access might be blocking RDP connections from the VPN client's IP address.

2. Server-Side Configuration Issues:

Windows Firewall: Check the Windows Firewall settings on the server itself. It might be blocking incoming RDP connections on port 3389.
Remote Desktop Service: Ensure the Remote Desktop service is running on the server you're trying to access.

3. Client-Side Configuration Issues:

SSLVPN Client Settings: Verify that the SSLVPN client configuration is correct and points to the right server address and port (3389).
Network Adapter Configuration: Check the network adapter settings on the client machine used with the SSLVPN. Ensure it's set to obtain an IP address automatically when connected through the VPN.

4. Troubleshooting Steps:

Test from Internal Network: Try connecting to the server directly from within your internal network (not through the VPN) to see if the issue lies with the server itself or the VPN connection.
Ping Test: Use a ping test from the SSLVPN client to the server's IP address to see if basic connectivity exists. If the ping fails, there might be a network connectivity issue between the client and server.
Log Analysis: Review logs on the SSLVPN server, NGAF, and the server you can't access. These logs might provide clues about the specific reason for the access failure.
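
Added example, not part of the original thread or any poster's reply: a small probe, run from the SSLVPN client, that goes one step beyond the ping test above by telling a silent drop (typical of a host firewall or endpoint agent policy, or a missing VPN route) apart from an active refusal (service not listening), and comparing the failing server with a working peer on the same segment. The function names, the verdict labels and the assumption that the peer also listens on port 3389 are choices made for this example.

```python
import socket
import sys

def classify_tcp(host, port=3389, timeout=3.0):
    """Classify one TCP connect attempt as open / refused / filtered / unreachable."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"          # handshake completed: path and listener are fine
    except (socket.timeout, TimeoutError):
        return "filtered"      # no answer at all: packets are silently dropped
    except ConnectionRefusedError:
        return "refused"       # RST came back: host reachable, port not accepting
    except OSError:
        return "unreachable"   # no route, ICMP unreachable, or name lookup failed
    finally:
        sock.close()

def triage(target, reference, port=3389, timeout=3.0, probe=classify_tcp):
    """Compare the failing server with a working peer on the same segment.

    Assumption for this example: the reference peer also listens on `port`.
    """
    t = probe(target, port, timeout)
    r = probe(reference, port, timeout)
    if t == "open":
        verdict = "reachable"      # TCP works; look at RDP/authentication policy
    elif r == "open":
        verdict = "host-specific"  # VPN path is fine; check the server's own
                                   # firewall, endpoint agent policy, RDP service
    else:
        verdict = "path-wide"      # check VPN routes, resources/roles, NGAF rules
    return {"target": t, "reference": r, "verdict": verdict}

if __name__ == "__main__":
    # usage: python triage.py <failing-server-ip> <working-peer-ip>
    print(triage(sys.argv[1], sys.argv[2]))
```

A "filtered" target next to an "open" peer points at the server itself rather than the tunnel, which matches the symptom of the problem disappearing when the endpoint agent is uninstalled.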

fuadmahbubun Lv2 Posted 20 May 2024 20:47
  
Last edited by fuadmahbubun 20 May 2024 20:49.

Hi Newbie401373,
Have you checked the resources that are allowed to connect? You have to define the destination resources (all destination server IP addresses) and roles for the SSLVPN user.

https://knowledgebase.sangfor.com/detailPage?articleData=%7B%22articleType%22%3A1,%22articleId%22%3A%222cc9b34e2d6b463f9fb3a70c9646ac0e%22,%22keyword%22%3A%22%22%7D
