A user cannot access resources through port forwarding

Publication Date:  2012-07-19 Views:  70 Downloads:  0
Issue Description
A user cannot access resources through port forwarding
Alarm Information
None.
Handling Process
Figure 1 Troubleshooting flowchart for the port forwarding fault

  • Cause one: The network connection is faulty.

     

    Ping the intranet server on the SVN3000 to check whether the server can be pinged through.

    If the server cannot be pinged through, it indicates that problems exist in the route between the virtual gateway and intranet server. Check the cables between the virtual gateway and the intranet server. If the connections are normal, check routing configurations.

     

  • Cause two: Port forwarding is disabled.

     

    When a user logs in to the virtual gateway UI, if the Start button is displayed in the Port Forwarding column, it indicates that port forwarding is disabled. In this case, click Start to enable port forwarding.

     NOTE:
    After port forwarding is enabled normally, the Start button changes to the Shutdown button in the Port Forwarding column. When port forwarding is disabled or the user is disconnected with the virtual gateway, the Start button is displayed again.

     

  • Cause three: The user connection times out.

     

    If a user connection times out, the Start button is displayed in the Port Forwarding column. Click Start to re-enable port forwarding. If you click Start, the login page is displayed. In this case, you need to re-log in and enable port forwarding.

     

  • Cause four: The corresponding port on the intranet server is disabled.

     

    1. When there is a reachable route to the intranet server, choose Start > Run in the OS on the intranet server.
      • Enter cmd in the dialog box. Click OK.
        • Run the netstat -an command in the command line window to check whether the service port is in Listening state. If the service port is in Listening state, it indicates that the service port is enabled.

    If the port is disabled, enable the port.

     

  • Cause five: The virtual gateway policy is incorrectly configured.

     

    1. Check the configuration of the virtual gateway policy. The fault may be because the user access permission is limited by the configuration of the policy. Modify the related policy rule configuration according to the chapter of configuring policies in the Configuration Guide.
       NOTE:
      When the port forwarding resources are configured as any IP, sometimes the user can see the resources that cannot be accessed on the page. For example, a policy that allows user A to access the resources of port 80 on all intranet servers is configured. Meanwhile, the administrator adds a policy rule that prohibits the user A from accessing the resources of port 80 on server B. In this case, user A can only see the resources of port 80 on server B, but cannot access them (user A can access the resources on other servers normally).
    2. Click Role Configuration in the Virtual Gateway List navigation tree. Click  of the role and select Resource Association and then Port forwarding to check whether port forwarding is enabled for the role to which the user belongs and whether the role is associated with the port forwarding resources. If port forwarding is disabled or the role is not associated with the resources, enable port forwarding and associate the role with the port forwarding resources.

     

Root Cause

Cause one: The network connection is faulty.

Cause two: Port forwarding is disabled.

Cause three: The user connection times out.

Cause four: The corresponding port on the intranet server is disabled.

Cause five: The virtual gateway policy is incorrectly configured.

 NOTE:
If the accessed resource is in the format of a domain name, you need to check whether the DNS server is correctly configured on the virtual gateway.
Suggestions
None.

END