Global VPN clients cannot route traffic to another FW

JGs

Hello,

I have 2 FWs in different physically close locations, they connect to each other by a radio link between which there is a site-to-site VPN established, the main site has a global VPN so that it can be accessed externally.

The problem I have is that internally the traffic is routed well when I want to reach resources between the sites but when connected by VPN I can only reach the main site where I have this VPN configured.

I've tried creating routes, access policies and nothing.

When I perform a tracert the first jump can no longer even identify it.

Please help! 😅

MustafaA

When traffic is generated from the host with GVC, tracing the packet flow with Packet Monitor on the main site, what is your observation?

You have to make sure that the networks that needs to be accessed through the GVC, has to be part of the "VPN Access" of the user. Moreover, the GVC subnet has to be part of the site to site VPN network negotiation if policy based IPsec VPN is used.