VPN to VPN is getting blocked by XG with status "Violation" and reason "SSL_VPN"

SSL VPN clients need to communicate with other SSL VPN clients. They are unable to communicate with each other. The packet capture on the XG shows the packets are dropped. The status is "Violation" and the reason is "SSL_VPN". I have tried a VPN to VPN any any rule, and still blocked. 

What do I need to do to let this work?

  • Do they have the same network range? 

    Could you share a screenshot of this violation? 

  • In reply to LuCar Toni:

    Yes they have the same network range. 

  • Hi Guys,

    we have exact the same problem, with a ssl s2s tunnel via SG / XG.

    The traffic is visible on the xg via packet capture but it will get dropped with this violation type.

    Why does XG reject the traffic with the message "SSL_VPN" ?

    Kind Regards,

    Max

  • I worked this out, turns out you need to add the IP address range under VPN -> SSL VPN -> Profile name -> Permitted network resources.