I need a little bit of help in configuring our gateway appliance. (It's really my own fault for not testing it better when our consultant was here.) We've got our gateway setup with one nic facing the outside and one nic facing the inside as presrcibed. Our inside network works fine, but you can only connect to it from the outside when you're on the same external subnet, but not any other public internet. The DNS record is setup properly, but when I ping it from my house it times out. When I ping it from the outside but within our public block it works. This made me think that it was an issue with out network setup, however when I assign a laptop that same public ip address as the appliance, I can connect to it from any internet connection. That made me think that it was the firewall, so I tried turning it off and connecting again, but the result was still the same. Any help would be greatly appreciated.
Bump. Anyone have any ideas?
Have you tried using the gateway via a client running externally. I don't have a gateway to hand to test, but ping response isn't necessary for operation so it wouldn't surprise me if there was a rule in the built-in firewall not to respond.
The One-Stop Shop for LANDesk Enhancements
Thank you for your response. I should have been more clear initially. I did try pinging it as well as going to the web interface on 80 and 443.
For further clarification, I did install IIS on to a laptop and hook it up again to that port. I was able to ping and open up that web page with the same static that I set the management gateway to. So I can get to that IP on port 80 through our network, but not when it's hooked up to the gateway device. Any more thoughts, anyone?
When you said, "When I ping it from the outside but within our public block it works.", it got the wheels turning. I think you have one of the following problems:
Possible issue 1. The default gateway on the external interface of the gateway is incorrect (that's the easy one).
Possible issue 2. You have a firewall issue. Here's why I'm going that way - You said, "When I ping it from the outside but within our public block it works." If the computers connected to your outside network (public IP space) are all on the same network, then the firewall is not processing rules on those systems. In other words, if your outside network is 100.100.100.0/24 and all the servers are on the same network, then when 100.100.100.1 pings 100.100.100.2, the firewall doesn't get involved because both IP's are considered to be at the same security level (or the same interface - depending on the brand of firewall). When traffic from outside the 100.100.100.0/24 network comes in, the router is forced to evaluate that traffic and process both access rules and NAT rules.
Depending on the type of firewall you have, you may need a static NAT exemption for the outside IP address of your LANDesk Gateway Appliance.
Take a look at the NAT rules in your firewall for other servers on your outside interfaces that are accessible from the internet (web servers, for example). Then, use the firewall settings as a template for the LANDesk Gateway Appliance.
I hope this gives you another lead to follow (or two).
Thanks to all for your help on this. I wanted to let you know that the issue has been resovled (I ended up opening a case). Something that I didn't know was that ETH0 has to be pointed to the outside on the appliance and ETH1 can be used for the inside. Once we switched those and verified the firewall settings for our network it was good.