AnsweredAssumed Answered

Connections to remote site originating from SMB gateway

Question asked by Pedro Espindola on Mar 27, 2018
Latest reply on Mar 29, 2018 by Günther W. Albrecht

Hello guys,

 

I am having an issue in which the SMB 1400 cannot access hosts (DNS, DHCP, NTP servers) on a remote network via site-to-site VPN. Connections originating from the internal hosts work great.

 

I have checked the advanced option "Use internal IP address for encrypted connections from local gate", but now connections are started with the SYNC interface IP address instead of an IP in the local encryption domain, so they are dropped before entering the VPN tunnel:

 

;[cpu_0];[fw4_0];fw_log_drop_ex: Packet proto=1 10.231.149.2:2048 -> 172.16.1.2:29833 dropped by vpn_encrypt_chain Reason: No error;

 

How can I make this work correctly?

Outcomes