Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
c5d51d79-b177-4
Explorer

Access to ipsec resources from remoteaccess users

Hello,

I would like to allow my users to access resources located behind an ipsec tunnel with one of our clients but i don't understand how to do this.

I work with a gateway 3000 appliances in version 80.40 and a management appliance in 80.40 also.

What i want to do is allow flow like this :

RemoteAccess users --> 3000 appliances --> ipsec tunnel --> Clients

A very big thank you to those who can help me !

0 Kudos
5 Replies
PhoneBoy
Admin
Admin

The Remote Access encryption domain must include the encryption domain of the remote site.
If you are not using Office Mode for Remote Access clients. you will also need to configure IP Pool NAT.

0 Kudos
c5d51d79-b177-4
Explorer

a big thank you for your feedback !

just to be sure of the manipulation, is it about adding the remote client's encryption domain to this encryption domain ?

0 Kudos
PhoneBoy
Admin
Admin

I'm referring specifically to this:

Screen Shot 2021-06-22 at 7.31.06 AM.png

For your regular VPN gateway, ensure the Office Mode address space is included in the encryption domain.
Your partner will need to ensure the Office Mode address space is included as part of their definition of your encryption domain.

0 Kudos
the_rock
Mentor
Mentor

Not exactly...what phoneboy is referring to is what I attached in the screenshot. Make sure that firewall is part of remote access community, save, then edit the object and apply the changes as per photo attached. Though, you could also do it from that window as well that you showed.

0 Kudos
the_rock
Mentor
Mentor

Sorry, my apologies, I see that firewall is indeed part of RA community, so your answer is definitely correct, you can do it that way too.

0 Kudos