Adam Weremczuk wrote: 
> Hi all,
> 
> I've just launched a Debian 12 VM in VMware (ESXi 7.0.2) and installed
> apache2 / php / postgres stack on it + ssh access.
> 
> Generally we have 3 subnets (IPv4 only):
> 
> - 192.168.4.0/22 (Ethernet LAN) - which starts with 192.168.4.1 and ends
> with 192.168.7.254
> 
> - 10.10.10.0/24 (VPN1)
> 
> - 10.10.20.0/24 (VPN2)
> 
> The new VM runs at 192.168.4.12
> 
> I'm having a weird issue with accessing it:
> 
> DNS resolves fine.
> I can ping and arp it from all addresses.
> There is nothing in switches' config to restrict traffic.
> 
> I can access TCP services (22, 443) from 192.168.4.x, 10.10.10.x and
> 10.10.20.x but not from 192.168.5.x (a subset of Ethernet LAN).
> I have no active 192.168.6.x or 192.168.7.x hosts to test from.
> 
> I've done nothing special during OS installation and config.
> There is no local iptables running on the VM.
> 
> I've run tcpdump on the VM and connections from all 192.168.5.x hosts are
> rejected with R (reset) flag.
> It looks like some OS default or some kind of silent auto-ban causing it.
> Access rejection only affects TCP services, ICMP - ping go through fine.
> 
> I've deployed probably a hundred various machines in this environment but
> never had this kind of access issue before.

What does 

ip route show

give you on the VM in question?

Are there other VMs on the same host that work properly for the
same tests?

-dsr-
