Whitelisting Traffic

We have set up a resource to a DNS name of a tool we host. In IIS for that tool, we have used IP restrictions to limit what IP addresses can connect. We have input the public IP of the Twingate connector.
When we connect to Twingate and attempt to access the resource, we are denied.
As a test, we added the IP of a client site to the whitelist in IIS and we are able to access correctly.

Looking at IIS logs, it appears that even though we are connected to Twingate, when we attempt to access the whitelisted resource, it is using the public IP address of the network we are connecting from and not the IP of the Twingate connector.

Hey Jeremy,

That’s very odd. Which of your resources (name) is it that you’re having issues with? As well, what platform is the client you’re trying to connect from running on?

Are there any other EDR/AV tools on the client device, or any sort of URL filtering/inspection that might be happening at the firewall level?

Do other Twingate resources work as you expect them to?

Let me know on the above and we’ll see if we can get you sorted out!

Thanks,

-arthur

RMM is the resource that isn’t working. Other resources in Twingate are working correctly.
Windows 10 client is what we are using to attempt to connect via Twingate.

The RMM web server and the Twingate connector are within the same AWS VPC. We have other servers in the AWS VPC environment that are able to access the RMM web server without issue (we have them in the IP whitelist of the IIS server). These other servers browse to the IIS server via the public IP of that server, so they are not using internal DNS and/or IP to access the IIS server.

The Windows 10 client that cannot access the RMM resource is outside that environment.

That’s very odd.

Can you please DM me your Twingate Client Logs, as well as the output from nslookup <domain in question> from the machine in question so I can take a look at what is/isn’t happening.

Thanks!

How exactly do I go about getting you the logs?

You should be able to click my name and send a message with them attached - should that not work you can also just email them directly to arthur@twingate.com

Thanks!

Logs have been emailed.

Hey Jeremy,

Was great to email back and forth with you. Ultimately it looks like the entry in your Windows hosts file was the culprit but please let us know if anything else comes up!

Thanks,

-arthur
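
The thread was resolved by finding an entry in the client's Windows hosts file. As an added example (not part of the thread and not Twingate code), this Python script lists the active hosts-file lines that pin a given name; the hostname rmm.example.com, the addresses and the sample file contents are constructed.

```python
import os
import sys

# Default location of the hosts file on Windows.
HOSTS_PATH = os.path.join(os.environ.get("SystemRoot", r"C:\Windows"),
                          "System32", "drivers", "etc", "hosts")

# Constructed sample, used when no real hosts file can be read.
SAMPLE = """\
# constructed sample hosts file
127.0.0.1      localhost
#203.0.113.10  rmm.example.com
203.0.113.10   RMM.example.com rmm   # old test entry
"""


def find_pins(hosts_text, hostname):
    """Return (line_no, ip, names) for each active line that names hostname."""
    target = hostname.rstrip(".").lower()
    hits = []
    for line_no, raw in enumerate(hosts_text.splitlines(), start=1):
        line = raw.split("#", 1)[0].strip()  # drop full-line and inline comments
        fields = line.split()
        if len(fields) < 2:                  # blank, comment-only or malformed
            continue
        ip = fields[0]
        names = [n.rstrip(".").lower() for n in fields[1:]]  # names are case-insensitive
        if target in names:
            hits.append((line_no, ip, names))
    return hits


if __name__ == "__main__":
    name = sys.argv[1] if len(sys.argv) > 1 else "rmm.example.com"
    try:
        with open(HOSTS_PATH, encoding="utf-8-sig", errors="replace") as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE
    pins = find_pins(text, name)
    for line_no, ip, names in pins:
        print(f"line {line_no}: {name} is pinned to {ip} (aliases: {', '.join(names)})")
    if not pins:
        print(f"no hosts-file entry for {name}")
```

A hit means Windows answers that name from the hosts file before any DNS lookup is made, so compare the result with the `nslookup` output requested earlier in the thread.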