Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Darren_Phang
Participant

Mobile Access VPN users can't reach Internal network

Jump to solution

Hi Guys,

I'm currently facing an issue whereby my mobile access VPN users couldn't reach to my Internal network but DMZ network is fine. E.g. I couldn't ping 172.16.0.37 but can ping 11.1.1.123. Seeking advise on which part of my configuration is wrong.

CP configuration:

Mobile Access > Office mode (172.16.9.x) and DNS server is configured in the optional parameter already.

Policy:- Src: Access Roles (local users), Dst: DMZ_Net (11.1.1.0), INT_Net (172.16.0.0) , Service: Any,  Allow

Routing:- Dst Network: 172.16.0.0/255.255.0.0, Gateway: 10.1.1.102 (FG interface)

 

FG configuration:

Policy: Incoming Interface: External (10.1.1.102), Outgoing Interface: Internal (172.16.0.x) Src: All, Dst: 172.16.0.0, Service: All, Allow

Routing: 0.0.0.0/0.0.0.0, Gateway: 10.1.1.101 (CP interface)

 

Ping test case:

172.16.9.1 (mobile access vpn user) ping 172.16.0.37 failed!

172.16.9.1 (mobile access vpn user) ping 11.1.1.123 successful! 

 

Regards,

Darren

0 Kudos
6 Replies
This widget could not be displayed.