
SSLVPN in Citrix ADC VPX Advanced - 10 Mbps in AWS Cloud



Hello,

 

We are implementing a Citrix ADC VPX Advanced - 10 Mbps in AWS Cloud. The ADC release version is NS13.0 58.32.nc

 

We are facing a couple of issues:

1.) The SNIP is unable to ping a server in the same subnet within the same VPC (in the security group, all traffic is allowed for 172.31.0.0/16):

SNIP IP address: 172.31.32.143

ServerIP: 172.31.32.162 (Ubuntu 18.04)

 

I am able to ping the SNIP IP address: 172.31.32.143 from the ServerIP: 172.31.32.162

 

2.) We are trying to use the SSL VPN. We have done the configuration (Intranet IP is 172.31.0.0/16) and the client is able to connect to the SSLVPN; there are no errors shown in the log files. However, when we try to SSH to 172.31.32.162, it does not work. The IP address pool for the VPN clients is 172.17.1.0/24, and the client obtains the IP 172.17.1.1 after connecting to the VPN. I find the following route entry on the client, and it looks strange that it configures a route to 172.0.0.1 for 172.31.0.0 on the client:

 

172.31.0.0/16 gateway is 172.0.0.1  and interface is 172.17.1.1

 

 

Thanks,

 

 

 


On 7/15/2020 at 11:49 AM, Cloudplus Contact said:

1.) The SNIP is unable to ping a server in the same subnet within the same VPC (in the security group, all traffic is allowed for 172.31.0.0/16):

SNIP IP address: 172.31.32.143

ServerIP: 172.31.32.162 (Ubuntu 18.04)

 

I am able to ping the SNIP IP address: 172.31.32.143 from the ServerIP: 172.31.32.162

 

Check if there are any firewall settings on the server.

Do you see the ICMP echo request reaching the server if you take a tcpdump?

 

On 7/15/2020 at 11:49 AM, Cloudplus Contact said:

2.) We are trying to use the SSL VPN. We have done the configuration (Intranet IP is 172.31.0.0/16) and the client is able to connect to the SSLVPN; there are no errors shown in the log files. However, when we try to SSH to 172.31.32.162, it does not work. The IP address pool for the VPN clients is 172.17.1.0/24, and the client obtains the IP 172.17.1.1 after connecting to the VPN. I find the following route entry on the client, and it looks strange that it configures a route to 172.0.0.1 for 172.31.0.0 on the client:

 

172.31.0.0/16 gateway is 172.0.0.1  and interface is 172.17.1.1

 

If the configuration is correct, it is expected to get 172.31.0.1 as the first IP address.

Please share the configuration.

 

Thanks,

Vamsi
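
The comparison the reply describes, as an added example that is not part of the original thread and not a Citrix tool: it parses a route entry written the way the question reports it and checks the gateway against the first address of the intranet network, which is the value the reply says to expect. The function name `check_route` and the parsed line format are assumptions made for this example.

```python
import ipaddress
import re

# Matches a route entry in the wording used in the question (assumed format,
# not the output of any particular client or OS command).
ROUTE_RE = re.compile(
    r"(?P<dest>\d+\.\d+\.\d+\.\d+/\d+)\s+gateway is\s+(?P<gw>\S+)"
    r"\s+and interface is\s+(?P<ifc>\S+)"
)


def check_route(line, client_pool):
    """Compare a client route entry with the gateway the reply says to expect."""
    m = ROUTE_RE.search(line)
    if not m:
        raise ValueError(f"unrecognised route line: {line!r}")
    dest = ipaddress.ip_network(m["dest"], strict=True)
    gateway = ipaddress.ip_address(m["gw"])
    interface = ipaddress.ip_address(m["ifc"])
    pool = ipaddress.ip_network(client_pool, strict=True)
    # Per the reply: the expected gateway is the first address of the
    # intranet network (network address + 1).
    expected = dest.network_address + 1
    return {
        "destination": str(dest),
        "expected_gateway": str(expected),
        "gateway_matches": gateway == expected,
        # A gateway outside both ranges belongs to neither the intranet
        # network nor the VPN client pool.
        "gateway_in_destination": gateway in dest,
        "gateway_in_client_pool": gateway in pool,
        "interface_in_client_pool": interface in pool,
    }


if __name__ == "__main__":
    # Route entry and pool exactly as reported in the question.
    reported = "172.31.0.0/16 gateway is 172.0.0.1  and interface is 172.17.1.1"
    for key, value in check_route(reported, "172.17.1.0/24").items():
        print(f"{key}: {value}")
```
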
