Join the Conversation

To sign in, use your existing MySonicWall account. To create a free MySonicWall account click "Register".

Reach server behind site-to-site vpn from SSLVPN

Hi,

I have a site-to-site connection between my firewall (TZ370 HA) and 10.1.1.0/24. That is working fine.

Now I want to reach that network from behind my sslvpn connection, but my firewall is dropping my packets (Drop Code 727 Packet dropped policy drop)

Ethernet Header

 Ether Type: IP(0x800), Src=[00:11:22:33:44:55], Dst=[2e:b8:ed:c0:39:11]

IP Packet Header

 IP Type: ICMP(0x1), Src=[10.123.10.100], Dst=[10.1.1.15]

ICMP Packet Header

 ICMP Type = 8(ECHO_REQUEST), ICMP Code = 0, ICMP Checksum = 18543

Value:[1]

DROPPED, Drop Code: 727(Packet dropped - Policy drop), Module Id: 27(policy), (Ref.Id: _2722_qpmjdzDifdl) 3:3)


I have following Access rules:

SSLVPN => VPN from:10.123.10.100 to:10.1.1.0/24 allow

VPN => from:10.1.1.0/24 to:10.123.10.100 allow


Am i missing something?

Client <=> SSLVVPN <=> TZ370 <=> SITE-TO-SITE VPN <=> REMOTE SERVER


Thanks

Category: Entry Level Firewalls
Reply
Tagged:

Answers

Sign In or Register to comment.