Reset Search
 

 

Article

KB43629 - Cannot access management port while connected with a VPN tunnel to the same PCS device

« Go Back

Information

 
Last Modified Date2/12/2018 8:12 PM
Synopsis
This article describes an issue where a PCS admin is unable to connect to the management port of the PCS appliance from an external network with a VPN tunnel established to the same appliance as the management port.
Problem or Goal
  • The PCS management port is configured on an internal network.
  • The PCS admin configures VPN tunnel access on the same device to access the management port externally.
  • The PCS admin connects with the VPN tunnel through the Internet but the management port is not reachable.
  • The PCS device has an internal route between the virtual IP pool and the management port.

 
Cause
This behavior is expected.  The management plane and data plane are logically separated by design so that the data plane cannot affect the management plane in any way.  Therefore, the hardware/software is designed to prevent traffic that is sourced from the management port to be routed through the VPN network on the same PCS device.  
Solution
In order to manage the the PCS device externally:
  1. Go to the Administrator Authentication Realm and select the Authentication Policy tab then under the Administrator sign-in ports enable the following option:
Enable administrators to sign in on the External Port

(Note: Secure passwords should be used by all administrators when enabling sign-in to the external port to prevent unauthorized access.)
  1. Connect with a VPN tunnel to a different PCS device on the same internal network as the management port of the device.
  2. Configure an internal route between the VPN IP Pool and the internal network that the management port is configured on as needed.  
Related Links
Attachment 1 
Created ByTravis Bradbury

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255