AnsweredAssumed Answered

Clients from another LAN can't reach server from another LAN

Question asked by Darius Manabat on Jan 4, 2019
Latest reply on Jan 10, 2019 by Chris Atkinson

I have a question about Site-Site VPN, and my concern is that the client computers from LAN_A could not access the server from LAN_B (RDP protocol).


VPN Community

Type: Star

Name: Asia

Center Gateways: fw-HongKong

Satellite Gateways: fw-Indonesia (LAN_A) and fw-Malaysia (LAN_B)

VPN Routing- To center and to other satellites through center



Gateway: Checkpoint 2200

Version: R77.30 Build 204



Gateway: Checkpoint 1450

Version: R77.20



Gateway: Checkpoint 1100

Version: R77.20


Keep in mind that above gateways are also a satellite gateways of another VPN Community (Star) which is Global. Upon checking the SmartLog, I noticed that the traffic is trying to encrypt in HQ gateway which is part of the Global Community, and is being dropped. I want to know how the traffic can be routed to the Center gateway in Asia (which is fw-HongKong) and reach the server in LAN_B which is behind fw-Malaysia gateway.


I already added the required rule in the destination Policy but it still failing, I guess the traffic is routed to the Center gateways in Global Community? Any ideas what to check?


Thanks for the time in reading from a newbie