Access Gateway Webpage via Browser on VPN Connection

I have an Ignition server that I have remote access to via a VPN.

I can ping the PC, I can VNC into the PC. However, I cannot access the gateway webpage via

IT seems to think that I should have access, considering I can VNC into the PC.

What might be stopping the connection?

My first guess would be firewall. Either on the server or between your VPN connection and the server. Is there someone on the local network who can confirm if they can connect? That would eliminate the server's firewall.

I would provide your VPN connection's IP to your IT department and see if they can monitor their firewall for blocked communication.

This is most likely a firewall issue. Back in the day, firewall rules were quite generous, only blocking or allowing based on SOURCE and DESTINATION. Today's standard are now going even further to blocking/allowing based also on the PORT. Just because you can PING (uses typical ICMP port) or can VNC (port 5900?), doesn't mean port 8088 is open. As an FYI, for security reasons, even pings are being disabled on firewalls as it allows persistent attackers to map out networks to discover targets.

In that case, one way you can attempt to diagnose a connection is to use PowerShell and try the following command:

tnc -computername -port 8088

This will actually attempt to make a connection on the specific port as well as ping it. If it fails, then you have a firewall somewhere that is blocking it, or the gateway is not running as you expect. As others have suggested, make sure this works locally from the gateway machine itself to rule out any issues there. If this is a Windows machine, try turning off the firewall on the machine just to eliminate that as a source. If that's not it, it is likely a firewall along the way that is blocking it. Again, if this is Windows, you can use Resource Monitor to look at network listening ports and remote connections to see if you have anything coming up. This can be handy to identify another application that might be allowed through that you could attempt to shutdown and start Ignition in it's place to see if you can get it to work.

Now, considering you are connecting to the site over a VPN, something else to keep in mind that can be confusing is the ability of modern VPN software to split tunnel. This basically means only traffic destined for the site will go across the VPN, while other traffic might route over your normal internet connection. In some cases, a ping or whatnot may actually be a response from something else. This has gotten me before. However, considering you can VNC into it, then that is likely not the issue, but you should be aware of. I assume the VNC connection is also using that same IP address?


Some sort of firewall issue. IT knew what to do.


Must open port 8088