Reaching a network "before" a XG via VPN Site2Site Tunnel

Hi,

I have 2 XGs with a VPN Site2Site tunnel between the datacenter and the office.

Users are using a terminal server in the datacenter.

IP phones are implemented in the DMZ of the office (no safe LAN) but should be reached from the datacenter (phone clients) THROUGH the tunnel.

 

datacenter<---------------------------VPN-Tunnel-------------------------->Office LAN

datacenter<-Sophos-><-Internet-><-Firewall-><-DMZ-><Sophos>Office LAN

 

Because of security reasons I don't want to go through the internet.

Is this possible in general?

Does the DMZ need to be part of the tunnel?

Or do I need to just define routes?

How to proceed?



  • Hi GernotMeyer,

    Add the DMZ network in the Local Network tab in the IPSec policy of the Office Sophos and the same DMZ network in the Remote Network tab in the IPSec policy of the Datacenter Sophos. Define VPN to DMZ and DMZ to VPN rules on both sides of the XGs and that should be enough.

    Thanks,
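
The selector layout described in the answer above, as an added example that is not part of the original thread: a Python check that the Local/Remote subnet lists of the two peers mirror each other and that a phone-client flow is matched on both ends. All subnets, host addresses and the dict layout are constructed assumptions, not values from the thread or a Sophos export format.

```python
import ipaddress as ip

# Constructed sample addressing (assumed, not from the thread).
OFFICE = {
    "local":  ["192.168.10.0/24", "172.16.50.0/24"],  # office LAN + DMZ (phones)
    "remote": ["10.20.0.0/16"],                       # datacenter
}
DATACENTER = {
    "local":  ["10.20.0.0/16"],
    "remote": ["192.168.10.0/24", "172.16.50.0/24"],  # must list the DMZ too
}


def nets(cidrs):
    """Parse a list of CIDR strings into a set of network objects."""
    return {ip.ip_network(c) for c in cidrs}


def mirror_mismatches(a, b):
    """Subnets present in one peer's local list but not the other's remote list
    (or the reverse). An empty result means the selectors mirror each other."""
    diff = (nets(a["local"]) ^ nets(b["remote"])) | (nets(a["remote"]) ^ nets(b["local"]))
    return sorted(str(n) for n in diff)


def covered(peer, src, dst):
    """True if this peer treats src as a local-side and dst as a remote-side host."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    return (any(s in n for n in nets(peer["local"])) and
            any(d in n for n in nets(peer["remote"])))


def flow_ok(near, far, src, dst):
    """The flow must match on the sending peer and, mirrored, on the receiving peer."""
    return covered(near, src, dst) and covered(far, dst, src)


if __name__ == "__main__":
    print("mismatches:", mirror_mismatches(OFFICE, DATACENTER))
    # Terminal server (datacenter) to an IP phone in the office DMZ.
    print("phone flow matched:", flow_ok(DATACENTER, OFFICE, "10.20.1.15", "172.16.50.21"))
```
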

  • Hi,

    Tried this. Thanks.

    VPN Site2Site shows all new networks green on both sides.

    I can see the packets leaving the datacenter (log view).

    I cannot see them arriving at the office destination.

    A tracert indicates that the traffic is forwarded through the tunnel.

    No idea why nothing arrives at the destination.
