Wednesday, September 12, 2018

IPsec Client VPN (FortiClient SSL VPN alternative)

I'm trying to figure out what's happening under the hood when using IPsec as a client VPN solution. To me, IPsec behind NAT is problematic, let alone PAT, which is in use in this case. I don't see how it's even possible, but apparently the guy who set this tunnel up says he can test successfully.

So this is using FortiClient 6.0 to connect to a FortiClient device on our vdom. I've been supplied the configuration and PSK. What I'm seeing is the client trying to create some kind of socket with our default gateway. The FortiClient logs show...

    9/11/2018 12:14:22 PM Debug ESNAC Start searching for FGT
    9/11/2018 12:14:22 PM Debug ESNAC Searching Default GW
    9/11/2018 12:14:23 PM Debug ESNAC Timeout in select in SocketConnect
    9/11/2018 12:14:23 PM Debug ESNAC Socket connect failed
    9/11/2018 12:14:23 PM Debug ESNAC 192.168.192.2:8013, Secondary - 0
    9/11/2018 12:14:23 PM Debug ESNAC CKeepAlive::SetState
    9/11/2018 12:14:23 PM Debug ESNAC Not Registered
    9/11/2018 12:14:23 PM Debug ESNAC m_dwAutoconnectWhenOffnet false
    9/11/2018 12:14:23 PM Debug ESNAC End searching for FGT

And on the wire I'm seeing:

    5 2018-09-12 08:45:12.949585 192.168.0.2 192.168.0.1 TCP 66 3270 → 8013 [SYN] Seq=0 Win=64240 Len=0 MSS=1460 WS=256 SACK_PERM=1
    6 2018-09-12 08:45:12.950563 192.168.0.1 192.168.0.2 TCP 60 8013 → 3270 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0

My host is 192.168.0.2 and my GW is 192.168.0.1 in this case.

Anyone have any insight into what's actually occurring here?


