Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 38 subscribers
  • Views 18198 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

New problem with IPSEC tunnel's, I can only reach 2 out of 4 remote networks?

JohnKenny

OK So I eventually managed to get all my IPSEC Site - to - Site connections connecting, I have 4 connections, 2 use 1st policy and another 2 use a 2nd policy.  But I can not access 2 of the VPN's remote networks and its not VPN's using 1 policy the 2 VPN's with issues both use different policies.  I have checked and double checked I have the same settings at each end and I do.  But still I am unable to reach 2 out of 4 remote networks.

When I use the remote route tool they all use the same route so in theory they should work, also I have added all 4 remote LAN's to a firewall rule.

Just to give you more info the 4 vpns are from 2 clients so 2 connect to Sophos UTM's and 2 connect to Draytek 2925's.  So I have 1 VPN that connects to a UTM that works and 1 from a 2925 that works, because the 2 VPN's that dont work are connecting to the same 2 devices I was able to copy the settings of the UTM & 2925 VPN settings so in theory the last 2 VPN's should have worked but as i say they connect but I cannot reach the remote networks.

Any ideas?

Thanks

JK



This thread was automatically locked due to age.
Parents
  • 0

    OK so i think i may have an issue with traffic routing from site 1 to site 2 using there own site to site vpn. How can i avoid this?

    It seems as if my traffic for site 2 remote network is going via the VPN for site 1 then across the site 1 & 2 vpn.  When i used to use UTM It seemed to send traffic across the right VPN.  Is there anyway to do this for IPSEC VPN's in XG?

    Although for some reason even when I disable the VPN to site 1 i am still unable to reach remote hosts on site 2 via my VPN to that?  Would this be because the Site 1 VPN still exists and is just disabled?


    Thanks

    JK

    CompKickers

Reply
  • 0

    OK so i think i may have an issue with traffic routing from site 1 to site 2 using there own site to site vpn. How can i avoid this?

    It seems as if my traffic for site 2 remote network is going via the VPN for site 1 then across the site 1 & 2 vpn.  When i used to use UTM It seemed to send traffic across the right VPN.  Is there anyway to do this for IPSEC VPN's in XG?

    Although for some reason even when I disable the VPN to site 1 i am still unable to reach remote hosts on site 2 via my VPN to that?  Would this be because the Site 1 VPN still exists and is just disabled?


    Thanks

    JK

    CompKickers

Children
No Data
Unfiltered HTML