Wednesday, June 2, 2021

Weird ESXi HTTPS Issue

So we have 2 subnets behind a firewall: Production (.1) and Development (.2). We're accessing them both via an OpenVPN server in the following manner:

(1) Client connects to VPN server (192.168.1.10) with NAT'd IP address (1.1.1.10)

(2) Firewall does the NAT'ing

(3) Client establishes the tunnel to the VPN server which then provides access to 192.168.1.0/24 and 192.168.2.0/24

As a client, I can ping anything on both subnets. In terms of services, everything seems to be working fine. More specifically to this issue, I can access all services on both subnets that run HTTPS, such as iDRAC, cameras, switches, routers, Splunk, etc. I can also access the ESXi web interfaces on the Production subnet. However, when I try to access one on the Development subnet, the ESXi web interface loads endlessly.

Note that the same ESXi web interface is accessible immediately after reboot, but then "loses connectivity" after a couple of minutes. Also note that I can always ping and SSH into that same ESXi.

Been trying to wrap my head around this for a while. Some of our engineers would like to play with their own ESXi... The solution so far has been to spin up a VM on the development subnet, RDP into that VM and then access ESXi that way...

Any ideas?


