I'm sure it's something I'm missing in the documentation but here is the configuration I have:
192.168.150.0/24 - datacenter network, also where the XG firewall is located
192.168.1.0/24 - office network, no XG firewall here
They are currently joined by an ipsec tunnel not managed by the XG.
The host on the datacenter network who routes the ipsec tunnel is 192.168.150.251
I tried adding the unicast route for 192.168.1.0/24 with a gateway of 192.168.150.251 but it doesn't pass traffic. Curiously, from the diagnostic page for the XG I can ping hosts on the 192.168.1.0 network successfully.
I figured firewall must be blocking but honestly for the life of me I can not figure out how to add a firewall rule that passes ALL traffic between 192.168.150.0 and 192.168.1.0. None of the clients behind the XG can get to the office network.
Is there some step I missed, or am I going about this wrong?
Quote