- NG Firewall firmware versions 4.2.x, 5.0.x, 5.2.x
- netfence firmware versions 4.2.x
The management VPN tunnel from the netfence Control Centre to a remote managed box cannot be established. No connection attempts are displayed in the user interface of the CC mastervpn service.
The "VPN point of entry" is probably set to a wrong value. This value is configureable in "Config" > "Box" > "Network" > "Management Access" > "Remote Management Tunnel" > "Tunnel Details" the specific box. Very often, the server IP of the Control Centre is entered as "VPN point of entry". This is wrong, since the remote managed box is unable to establish a VPN tunnel to the Control Centre via Internet, as the CC only has an IP address within a private range.
Define the external IP address of the border firewall as "VPN point of entry". Insert a firewall rule that redirects all connections on TCP/UDP Port 692 to the server IP of the Control Centre. Using "Client" as connection type is recommended.