VPN Site to Site Problem
alijan125
Newbie ✭
Best Answer
preston All-Knowing Sage ✭✭✭✭
Not sure why the rules weren't auto-created. Just check that in Zones/VPN the below are enabled; you may need to reboot the firewall afterwards for the rule to be created.
Also, if they already are, check the existing firewall access rule and, under optional settings, that Allow management traffic is ticked.
Answers
Hi @alijan125, you need to enable this on each of the site to site VPN policies in the Advanced tab as below.
Do you mean I should configure the said step on Branch B's Site to Site VPN Policy's Advanced tab?
I checked; HTTPS is already selected in the Advanced tab of Branch B's Site to Site VPN policy, but I am unable to access 172.16.26.1 Management from Head Office. I checked this from Branch B's network LAN.
In Branch B we have installed the SOHO250 model of Sonic. It may be the model issue where auto rules are not created, I think. Secondly, Sir, you have shown one rule and highlighted Allow Management Traffic; would you kindly tell me in which branch's Sonic rule I have to check? Your screenshot belongs to SonicOS 7, while in both my branches I am using a lesser version as per model.
It was Branch B where you need to check the rule and Zone settings. Even though I'm on Gen7, the same rules and options are available on Gen6 appliances; they may just be in a different tab.
Hi Alijan125, it should auto-create the rules as long as the settings haven't been changed from the default in the Zone or if someone selected suppress automatic firewall rule creation when the VPN was set up. The quickest thing to do would be to screenshot the settings from the VPN on site B, then delete the VPN policy and re-create it; it should then re-create all the default rules needed.
Thanks a lot Sir. I am now able to ping 172.16.26.1 Management of Branch B from Head Office. I followed you: I edited the rule and at the end there was an option, Enable Management, which was not selected. I checked it and now I am accessing from Head Office. Once again, thanks Sir. God bless you.
Sir, now I am able to ping 172.16.26.1, but when I browse to the same in my browser from a Head Office LAN PC, the username & password page is displayed; after entering the credentials I am getting the error as shown below:
Please Sir further guide me
I checked in Opera; the error occurred after entering username and password, shown below.
You would be best to re-create the VPN policy on Site B and also delete the custom access rule. Make sure when re-creating the VPN you enable Allow Management using this SA for HTTPS; this will re-create all the automatic rules needed for the VPN and the management.
OK Sir, thank you.