Create a Post
Showing results for 
Search instead for 
Did you mean: 

Can't access static NATTed server behind remote peer network

Hello mates.

There is ipsec VPN tunnel between two checkpoints. Branch has two networks for staff and guests. Staff network is on the VPN domain and guest network is not added to the VPN domain. web server is behind headquarter firewall and static NATted. We can access that server from internet everywhere but just can't access from branch guest network. How to access that static NATted web server from guest network.?




0 Kudos
1 Reply

What log messages show on one or both ends when this happens?
Even if the guest network isn’t in the encryption domain, the NAT address for the guest network probably is in the encryption domain (implicitly).

My guess is the guest network also needs to be in the encryption domain to fix this.
You should be able to prevent the guest network from accessing other things using access rules.

0 Kudos


Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events