Welcome to the VanDyke Software Forums

Join the discussion today!


Go Back   VanDyke Software Forums > General

Reply
 
Thread Tools Display Modes
  #1  
Old 11-24-2020, 02:53 PM
donaghq donaghq is offline
Registered User
 
Join Date: Dec 2010
Posts: 6
Firewall chain contains a loop error

Hello

I have configured my sessions to go via a jumpbox. I added the firewall command to all my sessions including the jumpbox! I know I am getting the error as the jumpbox has been told to use itself as the firewall but......if i click through the error i get on the host. The curious thing is if I turn off the option of using a firewall on the jumpbox the hosts will not connect at all. They get the initial banner but will not authenticate.

Thanks

DQ
Reply With Quote
  #2  
Old 11-24-2020, 03:50 PM
bgagnon bgagnon is offline
VanDyke Technical Support
 
Join Date: Oct 2008
Posts: 4,521
Hi DQ,
Quote:
but......if i click through the error i get on the host.
But the session is not using the firewall (as it isn't possible).

Quote:
The curious thing is if I turn off the option of using a firewall on the jumpbox the hosts will not connect at all.
I am not sure what you mean by "turn off the option of using a firewall on the jumpbox". Are you saying in the "hosts sessions" you set the firewall to None?

Please restate the issue using some relevant (but they do not have to be the actual) Session Names to avoid confusion.
__________________
Thanks,
--Brenda

VanDyke Software
Technical Support
support@vandyke.com
(505) 332-5730
Reply With Quote
  #3  
Old 11-26-2020, 11:49 AM
donaghq donaghq is offline
Registered User
 
Join Date: Dec 2010
Posts: 6
Hi Brenda

Thanks for your reply.

I can access Host_A and Host_B via the Jumpbox_C. I ssh to Jumpbox_C and I can ssh from there to Host_A and Host_B. All good.

Now I want to access Host_A and Host_B via Jumpbox_C. I edit the session info for Host_A and Host_B to use the firewall function and choose the Jumpbox_C as the firewall.

Now when I log on to Host_A and Host_B I get the login banner but it does not allow me to log on and eventually times out.

DQ
Reply With Quote
  #4  
Old 11-30-2020, 11:06 AM
bgagnon bgagnon is offline
VanDyke Technical Support
 
Join Date: Oct 2008
Posts: 4,521
Hi DQ,

The requirement for using dependent session feature is that the jumphost supports port forwarding. Does the jumphost support port forwarding?

If so, please post trace options output of the connection attempts using the dependent session feature.

Since it may contain sensitive data, if you do not want to post the trace options output, send it to support@vandyke.com and reference Attn Brenda - Forum Thread #14354 in the subject line.
__________________
Thanks,
--Brenda

VanDyke Software
Technical Support
support@vandyke.com
(505) 332-5730
Reply With Quote
  #5  
Old 11-30-2020, 11:52 AM
bgagnon bgagnon is offline
VanDyke Technical Support
 
Join Date: Oct 2008
Posts: 4,521
Hi DQ,

I will need the entire trace options output, possibly even a more verbose version so please make direct contact per my last post.
__________________
Thanks,
--Brenda

VanDyke Software
Technical Support
support@vandyke.com
(505) 332-5730
Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -6. The time now is 07:51 AM.