
things are like this:

  1. VM with Windows Server 2012 for the ASP.NET webapp - APPServer
  2. VM with Windows Server 2012 for the SQL Server database (different from 1, but same network) - DBServer
  3. Client1 - another VM with Windows Server 2012 from which I access a webapp that is hosted on APPServer (different network than the first 2)
  4. Client2 - another VM with Windows Server 2012 from which I access a webapp that is hosted on APPServer (different network than the first 3)
  5. All 4 servers are in an IPsec infrastructure

Now,

  • From Client1 I access the webapp from Chrome -> log in -> navigate to some Report page -> generate report => "Site can't be reached"
  • Same thing from Client2: I access the webapp from Chrome -> log in -> navigate to some Report page -> generate report => Report is generated and shown

I've installed Wireshark. On Client2, when I hit the generate Report button, it only shows ESP packets; on the other hand, on Client1, when I hit the generate Report button, it shows a few ESP packets and then this (between APPServer and Client1):

  • ISAKMP 246 Quick Mode
  • ISAKMP 278 Quick Mode
  • ISAKMP 102 Quick Mode
  • ISAKMP 118 Quick Mode
  • ISAKMP 166 Informational
  • ISAKMP 166 Informational

then some ESP again

  • This sounds a bit like Client2 has already successfully established an ESP SA ("Quick Mode") earlier, so it can send ESP-encrypted data packets directly, but Client1 failed to establish one, so it's trying to negotiate one again on-demand -- and failing again. The "Informational" packets look suspiciously like the ones which cancel the pending SA. Commented Apr 23, 2021 at 11:52
  • What did you use to set up IPsec on Windows? (I think it has at least two completely separate clients...) Have you checked the corresponding log files, both on Client1 and on APPServer? Commented Apr 23, 2021 at 11:53
  • @user1686 if that were true, wouldn't it mean that I couldn't access the webapp at all?
    – sTx
    Commented Apr 23, 2021 at 11:53
  • @user1686 I've checked the Windows logs and indeed I see 2 "Audit Failure" entries (Keying Module Name: IKEv1 and AuthIP), though I'm logged in to the app and I can navigate through pages
    – sTx
    Commented Apr 23, 2021 at 12:06
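
One way to check the hypothesis raised in the comments (a Quick Mode SA exists on Client2 but cannot be established from Client1) without Wireshark is to compare the live IPsec SAs and the IKE negotiation audit events on each client. The script below is an added example and not part of the question or comments; it assumes APPServer's address is the placeholder `$AppServer`, that `Get-NetIPsecQuickModeSA` / `Get-NetIPsecMainModeSA` objects expose `LocalEndpoint` and `RemoteEndpoint`, and that IPsec auditing is enabled (which the "Audit Failure" entries the asker already sees suggest). Security event 4653 is "An IPsec Main Mode negotiation failed" and 4654 is "An IPsec Quick Mode negotiation failed"; the latter corresponds to the Quick Mode / Informational exchange seen in the capture.

```powershell
# Added example (not from the question): compare IPsec SA state and IKE failure
# audits on a client that talks to APPServer. Run it on Client1 while reproducing
# the failed report, then on Client2 for comparison.
param(
    [string]$AppServer = '10.0.0.10',   # placeholder, replace with APPServer's address
    [int]$LookBackMinutes = 30
)

# 1. Is there a live Quick Mode (ESP) SA to APPServer right now?
#    Assumption: SA objects carry LocalEndpoint/RemoteEndpoint properties.
$qm = Get-NetIPsecQuickModeSA -ErrorAction SilentlyContinue |
      Where-Object { $_.RemoteEndpoint -eq $AppServer -or $_.LocalEndpoint -eq $AppServer }

if ($qm) {
    "Quick Mode SA(s) to $AppServer (ESP can be sent directly):"
    $qm | Select-Object LocalEndpoint, RemoteEndpoint | Format-Table -AutoSize
} else {
    "No Quick Mode SA to $AppServer - each new flow triggers a fresh IKE phase 2 negotiation."
}

# 2. Main Mode SAs (IKE phase 1). A present MM SA together with a missing QM SA
#    means phase 1 succeeded and phase 2 (the 'Quick Mode' packets in Wireshark)
#    is the part that fails.
$mm = Get-NetIPsecMainModeSA -ErrorAction SilentlyContinue |
      Where-Object { $_.RemoteEndpoint -eq $AppServer }

if ($mm) {
    "Main Mode SA(s) to $AppServer :"
    $mm | Select-Object LocalEndpoint, RemoteEndpoint | Format-Table -AutoSize
} else {
    "No Main Mode SA to $AppServer."
}

# 3. IKE negotiation failures the Security log recorded in the look-back window.
#    4653 = Main Mode negotiation failed, 4654 = Quick Mode negotiation failed.
$since  = (Get-Date).AddMinutes(-$LookBackMinutes)
$events = Get-WinEvent -FilterHashtable @{
              LogName   = 'Security'
              Id        = 4653, 4654
              StartTime = $since
          } -ErrorAction SilentlyContinue

if (-not $events) {
    "No IPsec negotiation failures (4653/4654) in the last $LookBackMinutes minutes."
}

foreach ($e in $events) {
    $phase = if ($e.Id -eq 4654) { 'Quick Mode' } else { 'Main Mode' }
    # Keep only the message lines that usually carry the diagnostic detail:
    # which peer, which keying module (IKEv1/AuthIP), and why/where it failed.
    $detail = ($e.Message -split "`r?`n") | Where-Object {
        $_ -match 'Remote Network Address|Keying Module Name|Failure Reason|Failure Point|Role'
    }
    "{0}  {1} negotiation failed (event {2})" -f $e.TimeCreated, $phase, $e.Id
    $detail | ForEach-Object { "    $($_.Trim())" }
}
```

The same SA tables are available from `netsh advfirewall monitor show mmsa` and `netsh advfirewall monitor show qmsa` if the NetSecurity cmdlets are not present. If Client2 shows a Quick Mode SA to APPServer and no 4654 events, while Client1 shows none and a 4654 event each time the report is requested, the "Failure Reason" / "Failure Point" lines of that event on Client1 (and the matching event on APPServer) are the next thing to compare, since they say which side rejected the phase 2 proposal.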
