Creating a policy for encrypting RAVPN traffic on ...

shantilalSuthar · ‎2023-09-29

Hi Guys,

I have a requirement to allow the RAVPN network traffic towards HO network using a S2S tunnel & the RAVPN network should be translated to a Host IP 10.x.x.x (SNAT).

S2S VPN is UP & created a Hide NAT policy for translating the source in encrypted traffic & also created a security policy for allowing the encrypted traffic & assigned the respective VPN community.

My question is, The traffic is getting hit by the RAVPN policy only but not by the policy that i have created for the S2S tunnel.

shantilalSuthar · ‎2023-09-29

attached are the policies.

Gojira · ‎2023-09-29

Is the HO network part of the RA encdom?

Is hub mode enabled at the moment?

VPN Clients > Remote Access

As for why the first rule doesn't match, i think its down to it having the specific S2S vpn in the VPN collumn when your traffic is coming from the RA vpn.

Try leaving the VPN column as "any" and the gateway might just do the trick.

also, have you a log of a remote access user accessing HO at the moment?

shantilalSuthar · ‎2023-09-29

Is the HO network part of the RA encdom?

Yes, For routing the HO network via RAVPN.

Hub mode is disabled.

also, have you a log of a remote access user accessing HO at the moment?

Yes, Logging is enabled.

Will try with 'any' in VPN column & check.

Are you a member of CheckMates?

Creating a policy for encrypting RAVPN traffic on a S2S VPN towards HO.