
Port forwarding WAN to Route based VPN

I have 2 XG ver. 20 firewalls between 2 sites, both with Static public IP.

There is an SDWAN route-based VPN between the 2 sites, and it works perfectly. The route precedence is SDWAN, Static, VPN.

I am trying to publish an internal server resource that resides in Site A, using the Site B WAN.

There is a firewall rule on Site B - Allow WAN to VPN, with specified TCP port number, and also a NAT rule to DNAT to the internal server.

It does not work. The packets arrive on the Site B WAN interface, and are sent out immediately on the same WAN interface, even though there is an SDWAN policy to send anything destined for Site A LAN over the VPN.

I had tried using Source NAT rule as well, but the packets still exit the same WAN interface.



  • please show us the SD-WAN Profile ... or try to switch to "primary/sec gateway"


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.
