I have two hardware appliances (XG210) in an HA array. The auxiliary device is not reachable via HTTPS or SSH from the VPN. From the LAN without problems. HTTPS and SSH are enabled on the auxiliary device in the ACL. The IP address of the auxiliary firewall is in the same subnet as the primary firewall. The entire subnet should be accessible via VPN.
f.e.
LAN 192.168.0.254/255.255.255.0
VPN 10.25.25.0/255.255.255.0
DMZ 10.123.123.2/255.255.255.252
Primary FW: 192.168.0.254
Auxiliary FW: 192.168.0.252
VPN -> Primary FW -> Works
LAN -> Primary FW -> Works
VPN -> Auxiliary FW -> does not work
LAN -> Auxiliary FW -> Works
I have deactivated the HA The second firewall is still not accessible from the VPN.
The firewall logs show that all packets from my client (VPN) are allowed to the second firewall.
This thread was automatically locked due to age.