Solved: Re: Custom encryption domain on local managed SMB

Nigel_Dennison1 · ‎2018-02-28

Good morning

I wonder if any one has come across this before. We have a customer running an SMB 1400 firewall with remote access VPN users. The customer has a secondary IP address range forwarded to the gateway by the ISP. They currently use this secondary range for external NAT IP's. Because the the secondary range is not defined on the interface configuration or the routing table remote access users are not forwarding traffic through the VPN to the firewall and are instead going via the internet to the secondary IP range.

In a fully managed gateway this would be easy to resolve by adding the secondary IP range into the remote access VPN encryption domain but I do not see that functionality in the locally managed SMB device. Does any one know of a work around for this or is the only answer to go to a fully managed SMB device.

Regards

Nigel

Neil_ZInk · ‎2018-02-28

have you tried manually defining the encryption domain?

Remote Access - Advance -> Local Encryption domain is define .. (default is automatic)

there is a similar settings for Site to Site VPNS

It may not help but it is worth a try.

Neil_ZInk · ‎2018-02-28

have you tried manually defining the encryption domain?

Remote Access - Advance -> Local Encryption domain is define .. (default is automatic)

there is a similar settings for Site to Site VPNS

It may not help but it is worth a try.

Nigel_Dennison1 · ‎2018-02-28

Yup that worked a treat.