IPSec tunnel: Cannot open remote webconsole.

  • Hi Guy's,

    Configured an IPsec tunnel between home and work. Working like a charm. Can ping everything on the remote site and RDP sessions working great! Just one issue that I do not get going. At our company we use a web console for our database and one web console for monitoring.

    Database is running on
    Monitoring is running on

    The strange part is that I can reach the monitoring console perfectly. The Database console on the other hand is not working???

    Did configure the following Nat rules;


    For the record; I can ping both remote IP addresses through the tunnel.

    Any ideas why the ICINGA is working and the Database console not? Checked the syntaxes for typos many times. They are the same as on the company network and working good there.

    Any help would be appreciated

    Kind regards,
    Herman F.

  • Not sure what those NAT rules are doing, you should be able to hit everything over the tunnel without any NAT rules. What error do you get on the DB web page? Maybe some goofy config on the web server side?

  • Hi Dotdash,

    Thanks a lot for your reply. I really don’t know why ICINGA does work when I create the NAT rule??? Even without the NAT rule I am able to successful ping the Web console.

    Here is the error witch are displayed by the Internet browser. 10.0.0.x represents my local home network and 10.230.252.x represents the remote work network;

    CacheHost: localhost
    Err: (60) Operation timed out
    TimeStamp: Thu, 30 Aug 2018 17:41:39 GMT


    HTTP Request:
    GET /index.php HTTP/1.1
    Connection: keep-alive
    Upgrade-Insecure-Requests: 1
    User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.36
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8
    Accept-Encoding: gzip, deflate
    Accept-Language: nl-NL,nl;q=0.9,en-US;q=0.8,en;q=0.7,de;q=0.6

    Can you make any sugar of this?

    Kind regards,
    Herman F.

  • Can't make much of it. I'd verify the gateways were correct on everything then make sure the OpenVPN rules on both firewalls were passing TCP, not just ICMP.

  • Good day Folks,

    Walked everything through again to figure out what’s going wrong here.

    The remote subnet is When I calculate this, the amount of host will be 2046. The host range will be till Correct me if I am wrong but should be reachable as well, right? Very strange that I can ping and reach but not

    Again, when I am at work, van be pinged and the webhost is reachable correctly.

    Does this make sense to anybody?

    Kind regard,
    Herman F.

Log in to reply