Symantec Privileged Access Management

  • 1.  Unable to do RDP/SSH from PAM 3.2 to target systems

    Posted Jan 03, 2020 11:49 AM


    Issue with loopback address while doing SSH. The error message we are seeing is below when we tried to do RDP/SSH from PAM 3.2.

    "Error connecting to 127.0.0.200,
    reason:
    -> Timeout "


    Any suggestions on where to look?

    Thanks
    Jay




  • 2.  RE: Unable to do RDP/SSH from PAM 3.2 to target systems

    Broadcom Employee
    Posted Jan 03, 2020 12:07 PM
    Hi Jay,

    The error indicates a network connectivity problem (firewall, network resolution, etc.).

    Can you go into the PAM UI >> Configuration >> Tools and see if we can ping and resolve the target name? Here I would also do a port scan on ports RDP (3389) and SSH (22) to see if they come back open to the target system.

    Regards,
    Kevin D.


  • 3.  RE: Unable to do RDP/SSH from PAM 3.2 to target systems

    Posted Jan 03, 2020 01:07 PM
    Hi Kevin,

    Thanks for the prompt reply. We were able to ping both the target IP address and the loopback address. I have attached screens for your reference. Please let me know where else I have to look to resolve this issue.

    Thanks
    Jay




  • 4.  RE: Unable to do RDP/SSH from PAM 3.2 to target systems
    Best Answer

    Broadcom Employee
    Posted Jan 06, 2020 05:51 PM

    Above screen is from my lab.
    If you see Mindterm launch without an immediate error, that would mean the PAM Client was able to access 127.0.0.200, which is the default loopback IP PAM uses for Mindterm.
    However, the timeout error is because PAM was unable to communicate with the target server for the SSH conversation.
    Your screenshot shows PAM was able to contact the target server's TCP port 22 and it shows as open, so it may not be a firewall issue.

    I would suggest that you raise a support ticket so we can collect logs and investigate why it times out.

    Regards,
    Kim


    ------------------------------
    Support Engineer 5
    Broadcom
    ------------------------------
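
The distinction drawn in the answer above, between TCP port 22 showing as open and the SSH conversation itself timing out, can be checked separately with a small probe. This is an added example, not part of the thread and not PAM's own code. The names `probe_ssh` and `start_test_listener` are hypothetical, the banner string is a constructed sample, and the probe only reflects what PAM would see if it is run from a host on the same network path as the appliance.

```python
import socket
import threading

def probe_ssh(host, port=22, timeout=5.0):
    """Return (stage, detail) describing how far an SSH connection attempt gets.

    tcp_failed: connect refused or timed out (routing, firewall, wrong address)
    no_banner:  port accepted the connection but sent nothing before the timeout
    not_ssh:    something answered, but not with an SSH identification string
    ssh_banner: server sent its "SSH-..." identification line (RFC 4253, 4.2)
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        return "tcp_failed", str(exc)
    data = b""
    with sock:
        sock.settimeout(timeout)
        try:
            # Simplification: expects the identification line first (servers
            # may legally send other lines before it).
            while b"\n" not in data and len(data) < 255:
                chunk = sock.recv(255 - len(data))
                if not chunk:
                    break
                data += chunk
        except OSError:  # includes socket.timeout
            pass
    line = data.split(b"\n", 1)[0].strip().decode("ascii", "replace")
    if not line:
        return "no_banner", "connected, but no data received"
    return ("ssh_banner" if line.startswith("SSH-") else "not_ssh"), line

def start_test_listener(banner):
    """Constructed loopback listener for the demo: sends banner, or stays silent."""
    srv = socket.socket()
    srv.bind(("127.0.0.1", 0))
    srv.listen(1)
    def serve():
        conn, _ = srv.accept()
        if banner:
            conn.sendall(banner)
        threading.Event().wait(1.0)  # keep the connection open, saying nothing more
        conn.close()
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return srv.getsockname()[1]

if __name__ == "__main__":
    for banner in (b"SSH-2.0-ExampleServer\r\n", None):  # constructed samples
        print(probe_ssh("127.0.0.1", start_test_listener(banner), timeout=0.5))
```

A `no_banner` result against a port that a scan reports as open means the connection is accepted but the SSH exchange never starts, which points away from a plain port block and toward the service or something in the path.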



  • 5.  RE: Unable to do RDP/SSH from PAM 3.2 to target systems

    Posted Jan 07, 2020 03:47 PM
    Hi Kim,

    Yes, you are right. We were able to launch the SSH console, then the Mindterm alert shows up with a connection timeout error. Yes, the target server has TCP port 22 open and we were able to connect to it through PuTTY from outside CA PAM.

    We have the support case created already and here is the case ID 20134271.

    Thanks
    Jay