Troubleshooting Client access to Datanow from within corporate LAN

Version 3

    Verified Product Versions

    AppSense DataNow 3.6AppSense DataNow 3.5AppSense DataNow 3.0AppSense DataNow 2.0AppSense DataNow 4.0AppSense DataNow 4.1AppSense DataNow 4.2AppSense File Director 4.3

    Introduction

    Steps to troubleshoot a potential scenario where DataNow/ File Director is externally accessible via the internet, but not to clients inside the corporate LAN

    Detail

    Firstly ensure that you can resolve the appliance URL from inside the network. This can be accomplished by 'pinging' the appliance URL (Note, PING is enabled in V2.x, Disabled in 3.0-3.5 and enabled in 3.6+).

    • 'Ping datanow.company.com'

     

    Pinging  [10.10.10.10] with 32 bytes of data

    Note:  the successful outcome is that the appliance URL resolves to the correct IP address in the command prompt. A subsequent ‘Request timed out’ message may be expected if ICMP (ping) is disabled on the firewall.

    An example of a DNS resolution issue would be a message similar to the following:

     

    Ping request could not find host Please check the name and try again.
    If DNS resolves correctly, but you are still unable to connect, it is likely to be an infrastructure issue.  Specifically check:

     

    1. Is a firewall rule configured to allow TCP port443 from LAN to the Appliance in the DMZ?
    2. Depending on configuration, a hairpin /loopback NAT rule may be required (to allow the internal client to access anexternally published address from inside the network) – see NAT loopbacksection at https://en.wikipedia.org/wiki/Network_address_translation
    3. Is the traffic traversing a Proxy or URL checking service? If so try adding an exclusion for the appliance URL and retest