I am having an issue in which the SMB 1400 cannot access hosts (DNS, DHCP, NTP servers) on a remote network via site-to-site VPN. Connections originating from the internal hosts work great.
I have checked the advanced option "Use internal IP address for encrypted connections from local gate", but now connections are started with the SYNC interface IP address instead of an IP in the local encryption domain, so they are dropped before entering the VPN tunnel:
;[cpu_0];[fw4_0];fw_log_drop_ex: Packet proto=1 10.231.149.2:2048 -> 172.16.1.2:29833 dropped by vpn_encrypt_chain Reason: No error;
How can I make this work correctly?