
VPN Tunneled traffic is blocked - Address Spoofing

Question asked by Johannes Schoen on Feb 1, 2019
Latest reply on Feb 22, 2019 by Mark Mitchell

Hi Community,

 

I got an annoying strange behavior:

 

Perimeter Checkpoint, Transfernet to Core Firewall with topology RFC1918 networks.

New VPN tunnel with a /24 net from 10.0.0.0/8 range.

 

Excluded tunneled network from address spoofing on external interface.

Created a Group RFC1918 networks with Exclusion of tunneled /24 network.

Set that group with exclusion to transfernet core-firewall interface.

 

Traffic from VPN tunnel arrives, but is dropped because of address spoofing.

 

What am I missing?

 

Help is much appreciated

 

Best Regards

Johannes
