Explorer

Site to Site VPN HTTPS External Interface

Hello,

I have an existing clusterA with 2 gateways and a SMS server.  Cluster A has several internal interfaces, an external interface and a sync.  I have a new external clusterB that I have successfully added to my SMS.  The external clusterB has 2 internal interfaces, 1 external interface and a sync interface.

From the internal interface of clusterA to the external interface of new clusterB, I was able to SSH, HTTPS and ping.  After setting up a site to site VPN between clusterA and clusterB, I can no longer SSH or HTTPS from the internal interface of clusterA to the external interface of clusterB, but I can still ping from the internal interface of clusterA to the external interface of clusterB. 

I can SSH/HTTPS from the internal interface of clusterA to the internal interfaces of cluster B.

On my other site to site VPNs (which I don't manage with my SMS), I see SSH being accepted on an implied rule, but on my new cluster, SSH just drops to the cleanup rule.

Any ideas on what the issue is?  Why can I no longer SSH/HTTPS from the internal interface of clusterA to the external interface of clusterB?

Thanks

Admin

Have you done a tcpdump/fw monitor on both ends to verify the traffic is getting there?
What does it look like?
Also, what errors do you see in the logs?
Explorer

I was able to resolve the issue. But I appreciate your reply.
Admin

What was the issue?