Channel: Sophos User Bulletin Board

HTTPS dropped on internal network

Hi,

I have an ESXi 5.0 (Testlab, 192.168.100.1) running at home with a virtual ASG 8.203 (192.168.100.200, 2 virtual E1000 interfaces in bridged mode, connected to a Telekom Speedport W921v with PPPoE passthrough configured, so it's modem only) and a virtual Windows Home Server 2008 (192.168.100.30). The ASG is running with a home user license and I have just 10 rules defined (for instance Internal Network -> any -> any, and VPN-Pool -> any -> any). No proxies are configured. My problem is that when I want to connect with the vSphere Client from my virtual WHS 2K8 to the ESXi, the packets are dropped by the ASG. I have tried adding different rules to allow the communication, without success. What's more, when I use my physical home PC (192.168.100.75) I can mostly connect without issues, but ONLY if I haven't tried to connect from the WHS 2K8 beforehand. If I do that first, I have to wait some hours, or mostly until the next morning, and then it's fine again from my physical home PC.

Today I had some more time and tested a bit. I am connected via VPN to my home network and I have an RDP session to my WHS 2K8 and my physical home PC. From both PCs the connections via vSphere Client to the ESXi are dropped. I tried disabling IPS and anti-portscan and got a connection to the ESXi from my WHS 2K8 (yay). I disconnected and activated IPS: connection still possible. I disconnected and activated anti-portscan: timeout. OK, I thought I had found the problem and deactivated both again, but this time the ASG drops HTTPS again :confused: I can't get hold of what could be the problem here. It's a home lab so it's not critical; it just bothers me because I didn't have those issues with the ASG 8.0, AFAIK.

Hopefully you have some ideas.

Regards
Henrik

Log output:
dstmac="0:c:29:fe:97:d5" srcip="192.168.100.75" dstip="192.168.100.1" proto="6" length="52" tos="0x00" prec="0x00" ttl="128" srcport="50037" dstport="443" tcpflags="ACK"
2011:12:13-12:59:57 Nowis-ASG ulogd[5680]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:1e:8c:70:38:c4" dstmac="0:c:29:fe:97:d5" srcip="192.168.100.75" dstip="192.168.100.1" proto="6" length="40" tos="0x00" prec="0x00" ttl="128" srcport="50037" dstport="443" tcpflags="ACK RST"
2011:12:13-12:59:57 Nowis-ASG ulogd[5680]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:1e:8c:70:38:c4" dstmac="0:c:29:fe:97:d5" srcip="192.168.100.75" dstip="192.168.100.1" proto="6" length="52" tos="0x00" prec="0x00" ttl="128" srcport="50046" dstport="443" tcpflags="SYN"
2011:12:13-13:00:01 Nowis-ASG ulogd[5680]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:1e:8c:70:38:c4" dstmac="0:c:29:fe:97:d5" srcip="192.168.100.75" dstip="192.168.100.1" proto="6" length="52" tos="0x00" prec="0x00" ttl="128" srcport="50046" dstport="443" tcpflags="SYN"
2011:12:13-13:00:07 Nowis-ASG ulogd[5680]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:1e:8c:70:38:c4" dstmac="0:c:29:fe:97:d5" srcip="192.168.100.75" dstip="192.168.100.1" proto="6" length="48" tos="0x00" prec="0x00" ttl="128" srcport="50046" dstport="443" tcpflags="SYN"
2011:12:13-13:00:25 Nowis-ASG ulogd[5680]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:c:29:76:e2:40" dstmac="0:c:29:fe:97:d5" srcip="192.168.100.30" dstip="192.168.100.1" proto="6" length="40" tos="0x00" prec="0x00" ttl="128" srcport="61429" dstport="443" tcpflags="ACK"
2011:12:13-13:00:25 Nowis-ASG ulogd[5680]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:c:29:76:e2:40" dstmac="0:c:29:fe:97:d5" srcip="192.168.100.30" dstip="192.168.100.1" proto="6" length="135" tos="0x00" prec="0x00" ttl="128" srcport="61429" dstport="443" tcpflags="ACK PSH"
2011:12:13-13:00:25 Nowis-ASG ulogd[5680]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:c:29:76:e2:40" dstmac="0:c:29:fe:97:d5" srcip="192.168.100.30" dstip="192.168.100.1" proto="6" length="135" tos="0x00" prec="0x00" ttl="128" srcport="61429" dstport="443" tcpflags="ACK PSH"
2011:12:13-13:00:25 Nowis-ASG ulogd[5680]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:c:29:76:e2:40" dstmac="0:c:29:fe:97:d5" srcip="192.168.100.30" dstip="192.168.100.1" proto="6" length="135" tos="0x00" prec="0x00" ttl="128" srcport="61429" dstport="443" tcpflags="ACK PSH"
2011:12:13-13:00:27 Nowis-ASG ulogd[5680]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:c:29:76:e2:40" dstmac="0:c:29:fe:97:d5" srcip="192.168.100.30" dstip="192.168.100.1" proto="6" length="135" tos="0x00" prec="0x00" ttl="128" srcport="61429" dstport="443" tcpflags="ACK PSH"
2011:12:13-13:00:27 Nowis-ASG ulogd[5680]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:c:29:76:e2:40" dstmac="0:c:29:fe:97:d5" srcip="192.168.100.30" dstip="192.168.100.1" proto="6" length="52" tos="0x00" prec="0x00" ttl="128" srcport="61429" dstport="443" tcpflags="ACK"
2011:12:13-13:00:28 Nowis-ASG ulogd[5680]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" srcmac="0:c:29:76:e2:40" dstmac="0:c:29:fe:97:d5" srcip="192.168.100.30" dstip="192.168.100.1" proto="6" length="135" tos="0x00" prec="0x00" ttl="128" srcport="61429" dstport="443" tcpflags="ACK PSH"

Firewall is active with 10 rules
Intrusion protection is inactive
Web filter is inactive
Network visibility is inactive
FTP proxy is inactive
SMTP proxy is inactive
POP3 proxy is inactive
Web Application Security is inactive
Antivirus is inactive
Antispam is inactive
Antispyware is inactive
E-mail encryption is inactive
Site2Site VPN is inactive
Remote access is active with 1 online user
HA/Cluster is inactive
Log Management is active
Wireless Security is inactive
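
One way to triage a drop log like the one in the post, as an added example that is not part of the original post: it parses the key="value" fields and groups dropped TCP packets per flow, labelling each flow by whether its first dropped packet was a bare SYN or a packet of a connection already under way. The sample lines are constructed in the same format; the host name, addresses and the helper `_line` are made up for this example.

```python
import re

FIELD = re.compile(r'(\w+)="([^"]*)"')
NEEDED = ("action", "srcip", "srcport", "dstip", "dstport", "tcpflags")

def parse_line(line):
    """Return the key="value" fields of one line, or None if a needed field is missing."""
    fields = dict(FIELD.findall(line))
    return fields if all(k in fields for k in NEEDED) else None

def triage(lines):
    """Group dropped TCP packets by flow; label each flow by its first dropped packet."""
    flows, skipped = {}, 0
    for line in lines:
        if not line.strip():
            continue
        f = parse_line(line)
        if f is None:              # e.g. a line whose beginning was cut off
            skipped += 1
            continue
        if f["action"] != "drop":
            continue
        key = (f["srcip"], int(f["srcport"]), f["dstip"], int(f["dstport"]))
        flags = frozenset(f["tcpflags"].split())
        entry = flows.setdefault(key, {
            "kind": "new connection" if flags == {"SYN"} else "mid-stream",
            "packets": 0, "flags": set()})
        entry["packets"] += 1
        entry["flags"] |= flags
    return flows, skipped

def _line(src, sport, flags):
    """Build one constructed log line in the format shown in the post."""
    return ('2011:12:13-13:00:00 gw ulogd[5680]: id="2001" sub="packetfilter" '
            'action="drop" fwrule="60001" initf="eth0" '
            f'srcip="{src}" dstip="10.0.0.1" proto="6" '
            f'srcport="{sport}" dstport="443" tcpflags="{flags}"')

# Constructed sample input; the first entry imitates a truncated line.
SAMPLE = [
    'dstip="10.0.0.1" proto="6" srcport="50037" dstport="443" tcpflags="ACK"',
    _line("10.0.0.75", 50046, "SYN"),
    _line("10.0.0.75", 50046, "SYN"),
    _line("10.0.0.30", 61429, "ACK"),
    _line("10.0.0.30", 61429, "ACK PSH"),
]

if __name__ == "__main__":
    flows, skipped = triage(SAMPLE)
    for key, info in flows.items():
        print(key, info["kind"], info["packets"], sorted(info["flags"]))
    print("skipped (incomplete) lines:", skipped)
```

Run against a real log, a flow labelled "new connection" means the opening SYN itself was dropped, while "mid-stream" means packets were dropped after the connection had started.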
