S2S VPN and Remote Access

Hello.

 

I have a situation where I am trying to allow remote access users to access a LAN subnet at a remote site.

For example.

I am ABC company.

ABC have a remote access solution for their employees

ABC have 1 set of HA firewalls on the perimeter

ABC have a S2S VPN (STAR) to a company called HLD

 

ABC employees need to access HLD LAN from their remote access connection

 

Issue is:

Before making any NAT changes, or before changing the remote end to point at the RA office mode subnet, this happens:

Adding HLD LAN subnet to RA Encryption domain means everyone loses access to HLD. Not just remote access, everyone on ABC LAN can no longer access HLD.

Tunnel stays up, but traffic starts routing out via GW default gateway, and not over VPN.

Removing HLD LAN from RA Enc Domain fixes issues almost immediately.

 

Can someone provide advice on why this is happening, and the best way to configure such a setup?

 

R80.30 running Jumbo 90 something.. 2.6 kernel. 3000 devices running HA


Accepted Solutions
Admin
That sounds like a bug and you should engage with the TAC.
