locked
direct access client unable to connect with linux server with git RRS feed

  • Question

  • Hi,

    direct access client unable to connect with a  linux server (using git) over 2012 DA connection.

    I am able to connect this server using checkpoint VPN connection

    I can ping and able to telnet to linux server from DA server but not from the direct access client.

    Friday, January 17, 2014 5:55 PM

All replies

  • Do you know if GIT is trying to use a server name or an IP address to make it's connection? Contacting resources by IPv4 address will never work over a DirectAccess connection. DA is very different than an IPv4 Layer 3 VPN such as Checkpoint.

    Try to make sure that GIT is configured to communicate with a DNS name, NOT an IP. For example, if you are trying to contact "Server1", when you "ping server1" you should resolve to an IPv6 address on your DirectAccess client. This would indicate that DirectAccess is successfully handling your DNS request and spinning it through the tunnels. However, if you try to "ping 10.10.10.100" - this is never, ever going to work over a DirectAccess tunnel.

    Thursday, January 23, 2014 3:30 PM
  • Hi,

    User is connecting with fqdn. we have checked and found that telnet on port 22 is not working from user's machine/subnet. however the telnet is working from directaccess server and  test machine to application server. Direct access test machine is  located in the same subnet of DA server. It seems port is blocked.

    do we need to open port between client subnet and application server ?

    Is that true when client connected with telnet and ssh to application server directly. It bipass the DA server ?

    Any help will be appreciated

    Wednesday, January 29, 2014 12:24 PM
  • What do you mean by "DirectAccess test machine is located in the same subnet as the DA server"? - If you are testing DirectAccess, you would typically have your client machine be out on the internet, definitely not plugged into the same network as the DA server. Before you continue testing anything else, I think that I would focus on getting a good test platform setup, where you are more closely reflecting something that a user would be doing.
    Wednesday, January 29, 2014 1:47 PM