We have a head office XG135 and 4 branch offices connected with site-to-site VPNs and various Sophos firewalls (125, 87, 86).
VPNs are working fine.
We want to route all Internet traffic from the branch offices through the head office Internet connection via the VPNs.
We followed these instructions:
So in each branch office we have a LAN-to-WAN drop rule and the IPsec rule and inbound_ho, outbound_ho.
In the head office we have a VPN-to-WAN accept rule with the corresponding linked NAT rule. Plus, of course, all the rules from the site-to-site VPN (ipsec, inbound_bo, outbound_bo).
As mentioned, all the VPNs are working fine, but when I try to access the Internet from a branch office it times out. With the policy tester in the branch office we always get a blocked message with "No matched rule (ID: 0)".
Now, even if I turn off the rule "lan-to-wan drop" in the branch office, I still get the "No matched rule (ID: 0)".
What did we miss?
Thanks a lot.