Comments
-
Ok, to answer some of your questions: IP Address Source: Yes the subnet of the source is included in the VPN configuration on both sides. The remote computers CAN communicate with the DNS server directly via the VPN tunnel. Only the DNS Proxy is not routing through the VPN. NAT: yes I checked the NAT and don't see anything…
-
UPDATE: in doing some more testing. I decided to do a "Monitor All" on the capture to see what is happening. I found out what the issue is. It appears that the TZ300 is trying to send the traffic as the WAN IP address out the WAN interface, instead of trying to send it through the VPN tunnel. It appears the TZ300 is…
-
I would like to note, this same issue also exists with site-to-site between TZ300's and an NSa2650. LAN resources behind the NSa2650 is able to communicate with all LAN resources behind the TZ300 in almost all cases, but the LAN behind the TZ300 has all traffic blocked through the VPN tunnel. I had ONE instance out of 23…