Remote clients checking in with NAT IP
Recently we turned our SMA public facing. However now when users are on the VPN and they check in their IP address shows them with an NAT IP of their home network. With this happening some of our Smart Labels have stopped to work correctly. If I view a device and then look under Network Interface I can see the different network connections and see the VPN listed with an IP. Any help would be great..
Answers (2)
I believe you're talking about this:
https://support.quest.com/kace-systems-management-appliance/kb/326552/device-gateway-ip-addresses-not-available-in-device-list-page
You want the gateway IP (Public IP or VPN IP), instead of the device's LAN IP address.
Due to some major changes in 10.2, I believe this is working as designed, and requires users to modify the labels or create new ones. (in case they're using IP Range based labels).
If those are MySQL created labels, you will need to filter them like this:
IFNULL(MACHINE.GATEWAY_IP, MACHINE.IP) AS IP
If they're wizard created labels, you will need to go back to the Wizard.
Check this post's comments from July 2020:
https://www.itninja.com/question/sma-with-k1-20753-again-on-v10-2-234
If the VPN address is the same you can tell the SMA to ignore it. Go to Settings>general settings and scroll down to the section “ignore client IP address” and enter the VPN addresses in that box. The SMA should then ignore the IP and use the correct one
Comments:
-
I did see others mention this but it has not worked. My vpn addresses go from 10.4.13.1-200 i'd rather not list those out. I did try putting my NAT IP and then checked in the device. After doing that the asset showed the VPN IP address. - JC_Chi 3 years ago
