Can't reach GS748T Web UI outside of local network
Hello community,
I have a GS748Tv5 switch on a particular network, along with a GS724TP. They have separate IP addresses (obviously) on the same network and both have the same (correct) router configured as gateway and the same net mask.
I can manage either switch from within the local network, but if I try to manage the GS748Tv5 switch from an outside address (i.e., one that passes through the gatewal/router), the Web UI won't come up. It looks like it's starting to, and part of the page seems to come across, but not enough ever loads to display anything but a blank page on my screen. I can ping the switch just fine; I just can't manage it through HTTP or HTTPS.
For some context, the "outside" address I am trying to access the switch through is on the other side of a site-to-site VPN established by the router. The other side of the VPN tunnel is my local network (I am an outside IT vendor and I manage this organization's network from my office and local network through the VPN connection to the organization's internal network). I know the VPN tunnel is configured properly, because I can reach everything else on that network (various web interfaces including the GS724TP switch, remote desktops, SMB file sharing, SNMP stuff, even SSH protocol) from here with no problem. But I cannot bring up the web interface of the GS748T without going through a remote desktop session to some computer on the switch's local network.
As far as I can tell, there are no filtering/firewall features in the GS748T that would prevent it from being managed across the VPN tunnel. The only other thing I can think of is that it might be something related to MTU, but there doesn't seem to be any way to set MTU in the GS748.
--- It looks like it's starting to, and part of the page seems to come across, but not enough ever loads to display anything but a blank page on my screen. I can ping the switch just fine; I just can't manage it through HTTP or HTTPS.
For some context, the "outside" address I am trying to access the switch through is on the other side of a site-to-site VPN established by the router. ...
The only other thing I can think of is that it might be something related to MTU, but there doesn't seem to be any way to set MTU in the GS748.
Perfect problem analysis - must be an MTU (and PTMUD) handling problem on this switch model management IP stack.
@YeZ please push this to the switch engineering for an urgent fix.
Re: Can't reach GS748T Web UI outside of local network
Thank you, Kurt, for the quick response, and for the validation of my diagnostic skills. 🙂
I'll look forward to an update to address this. It's not critical, in the sense that I have a viable workaround, but it would sure be nice if I could access the switch when needed without jumping through any hoops. Thanks again for addressing it quickly.
Re: Can't reach GS748T Web UI outside of local network
Hi Sir,
Becasuse I don’t have GS748Tv5 in hands, I test VPN connection with GS716Tv3 v6.3.1.39 (same as the latest FW of GS748Tv5)
As result, I didn't need to manually change the MTU size and it worked through VPN and access Web UI page via http/https
I also check on GS748TV5 user manual, and found there is MTU configuration under VLAN Routing configuration, Could it be helpful to analysis the problem ?
Re: Can't reach GS748T Web UI outside of local network
Jennie, Scratch the MTU config for the routing. The management port IP stack must be able to deal with the PMTUD (path MTU discovery) on its own. We have seen this issue on a few Netgear switch models recently. Its something that needs to be fixed on that very model. Regards, -Kurt
Re: Can't reach GS748T Web UI outside of local network
Hi Compendic,
I try some config, scratched the MTU config on at my device, but still can access the Device http/https through VPN. Is it possible to povide the toplogy and captured pkts when the issue happen (can't manage switch through HTTP or HTTPS) ?
