PAMSC: cannot make multiple PPTP connections
Article ID: 222048
Updated On:
Products
CA Privileged Access Manager - Server Control (PAMSC)
Issue/Introduction
The first PPTP connection is disconnected when the second PPTP connection is made on jump server where PAMSC is installed and TCP class is used.
RDP to PAMSC server from 2 Windows10 clients by different users.
First, on RDP session from client1, user1 connects to other server via PPTP (VPN) and it works.
Then, do the same thing on RDP session from client2 (user2 connects to other server via PPTP), the connection made by user1 is disconnected.
This originally happened on 14.0 CR1 and still happens after upgrading to 14.1 CP2.
Environment
Release : 14.0/14.1
Component : PAM SERVER CONTROL ENDPOINT WINDOWS
Cause
The defaccess for TCP _default rule is modified to none and ACL for remote PPTP server connections are added.
The defacc(none) for TCP _default is the cause of the problem.
Resolution
The problem is resolved by reverting defacc for TCP _default rule to all.
The defacc for TCP _default rule should not be set to none as this may cause unexpected behavior by denying network connection.
Please consider to define specific TCP rules (such as 3389 for PPTP) and set defacc(n) to it if it is needed to block the access, and add ACL for exception (permision).
Feedback
Yes
No
Powered by
