I'm having trouble accessing the IPMI web interface on my ASUS server (ASMB10-iKVM) through our VPN. While I can connect just fine from our LAN, the VPN connection fails. I've set up NAT on the Meraki router to direct traffic from the VPN's IP address to the LAN's IP on port 443. Additionally, I've created a firewall rule in the IPMI's web interface to allow traffic from the VPN on TCP port 443. A packet capture shows that packets from the VPN's IP are reaching the IPMI, but I'm not receiving any response; the connection just hangs for a minute and then times out. Is there any other setting I need to configure for external LAN access to the IPMI?
3 Answers
This sounds like a routing issue to me. It seems the packets are getting to the IPMI, but nothing is coming back. Make sure you’re not using NAT for this connection, as it might complicate the routing. Check for any ACLs on your router that could block traffic on that network segment, and also look into the Meraki firewall rules. Are you getting any response to pings?
Ensure that TCP ports 80, 443, and UDP port 623 are allowed and properly routed through your firewall. Sometimes, missing permissions on these ports can lead to this kind of access issue.
Have you checked if the IPMI has a default gateway set in its network settings? Since your VPN might be on a different DHCP range, this could be causing issues. Sometimes IPMI modules have quirky network configurations, and without a proper gateway, they won't know how to route responses back to the VPN subnet.
That's likely the issue! I've seen IPMI modules act up due to incorrect network settings before.
Yeah, if the default gateway is set to 0.0.0.0, it won't route traffic back correctly.
I enabled ICMP ping on the Meraki, but I'm still timing out. I’ll have to dive deeper into the firewall settings.