Hi folks,
We are currently trying to set up a VPN connection to a service provider of our company.
Since that company is not able/does not want to define VTIs on their Sophos XG, we need to set up a "classic" VPN Tunnel via Domain-based routing.
The endpoint on our side is a dedicated 1450 Check Point SMB appliance running R77.20.85, used just for VPN termination with only the IPSec VPN Blade enabled.
We configured the interoperable device with the encryption domain as well as the VPN community. The tunnel is up and working, SAs are available on both sides, and the VPN monitoring on the WebGUI of the 1450 also shows the tunnel up.
However, when we try to access resources in the encryption domain, we see that the packets do not get routed into the tunnel/community but rather exit via the default route to the Internet, where they get dropped of course.
With our open server Check Point running R80.10, we never had the problem that the gateway does not route the packets into the tunnel when we defined such a VPN tunnel.
Is there something we need to consider/change when setting up VPN connections with the SMB appliances?
Any help is appreciated.
Regards,