Multisite VPN

Question

Hi all, 
 
 Today I have 3 sites with 1 Sophos UTM on each site. I created a site-to-site VPN on the main site.I downloaded the configuration for remote tunnel endpoint and upload this file on the 2 others site. 
 Each site can connect on the main site with the site-to-site VPN but not both site at the same time.

Thank in advance

BAlfson · Accepted Answer

Salut Jeremy and welcome to the UTM Community! 
 I fear that there's a problem with your present server definition that causes a routing problem that you cannot fix. 
 You will want to have two separate site-to-site definitions in the central site. Assume that we have sites A, B and C with site B as the central site. 
 
 Create an SSL VPN server in site B for site A with the LANs for sites B and C in 'Local Networks' and download the client file for upload to site A. 
 Create an SSL VPN server in site B for site C with the LANs for sites B and A in 'Local Networks' and download the client file for upload to site C. 
 
 Any better luck with that? 
 Cheers - Bob

PhilippRusch · Answer

Salut Jeremy, 
 please check routing and firewall rules between your remote sites/networks. 
 A site-to-site tunnel is what it says: it is establsihed between one site and another. To route between the remote sites, you have to add routes for each remote netwok at each site. The routes to the central site are established implicit with your tunnel definition. Likewise the firewall rules. 
 So you need to add the rest manually

jeremy gilruiz · Answer

It works fine, thanks a lot

Multisite VPN

Top Replies