Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 8 replies
  • Subscribers 37 subscribers
  • Views 1207 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

L2tp vpn remote users access to site to site network.

MrTea

Main site(x.x.0.0/23) connects via an ipsec site to site connection to a cloud site(x.x.100.0/24) and the L2tp vpn users are on(x.x.50.0/24) which connect to the main site.  I setup the ipsec connection to include the x.x.50.0/24 range on main site and cloud site vpn definition.  I'm getting this when I set it up this way

If I disable the l2tp definition with the x.x.50.0/24 range I'm able to get green on both but now vpn users cannot connect  What is the correct way to set this up so remote users can access the cloud?  Thank you.



spelling



This thread was automatically locked due to age.
Parents
  • 0

    Hello MrTea,

    If your networks are part of Private IPs, you wouldn't need to obscure them. I believe they should be but please confirm. You mentioned that x.x.50.0/24 is the network for L2TP users, but in the screenshot I see 99.0/25 and not 50.0/24. 

    As H_Patel, mentioned please confirm the SA in both sites are matching.

    Regards,

     
    Emmanuel (EmmoSophos)
    Technical Team Lead, Global Community Support
    Sophos Support VideosProduct Documentation  |  @SophosSupport  | Sign up for SMS Alerts
    If a post solves your question use the 'Verify Answer' link.
  • 0 in reply to emmosophos

    Yes they are both matching, I tried to changed them to different subnets to see if they were conflicting and took the screenshot then, sorry for the confusion. In the cloud configuration is has both the remote subnet of the sophox XG(x.x.0.0/23) and of the remote vpn range(x.x.50.0/24) and the XG has the same subnets as local subnets(x.x.0.0/23, x.x.50.0/24)  Opened a ticket with Sophos and spend several hours on the phone with them to no avail.  Hopefully L2 techs will be able to help tomorrow.

Reply
  • 0 in reply to emmosophos

    Yes they are both matching, I tried to changed them to different subnets to see if they were conflicting and took the screenshot then, sorry for the confusion. In the cloud configuration is has both the remote subnet of the sophox XG(x.x.0.0/23) and of the remote vpn range(x.x.50.0/24) and the XG has the same subnets as local subnets(x.x.0.0/23, x.x.50.0/24)  Opened a ticket with Sophos and spend several hours on the phone with them to no avail.  Hopefully L2 techs will be able to help tomorrow.

Children
Unfiltered HTML