Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 7 replies
  • Subscribers 27 subscribers
  • Views 1088 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Site to Site SSLVPN

Alexander Schichow

Good Morning,

 

I'm really running against a wall here. 

We have two XG's (125 and 86w) which need to establish a S2S connection.

On the 86w side there are 2 companies using the same XG with separate zones (ours and our CEOs wife's) Now the connection itself works fine.

However after the connection has been established there are three possible outcomes.

 

1. The other side can access our resources as well as their resources but the second company (the wife's) can't access anything on the local network.

2. Basically nothing happens. Everything works as if there is no VPN 

3. The other company is fine, we can't access anything.

 

Now I'm pretty new to administrating networks in general but even newer to anything XG related. And while I do have an idea about how it should work I'm at a loss about how I would realise that so help on that matter would be very much appreciated.

Thanks in advance



This thread was automatically locked due to age.
Parents
  • 0

    Can you post related Screenshots of the Configuration? 

  • 0 in reply to LuCar Toni

    Sure here you go. Server (first 5) is followed by client. If there is anything else you need, let me know

  • 0 in reply to Alexander Schichow

    Why do you use SSL Site to Site?

    Would recommend to switch to IPsec or RED (if you have network protection). 

     

  • 0 in reply to LuCar Toni

    No Network Protection so RED is not in the spectrum. IPSec won't do anything but throw "Remote/Local host is behind NAT (which both are and will remain since our ISP can't provide us a simple cable modem due to a business contract and with business contracts there you can only use cable routers so no bridging. Having configured Port forwarding on the ISP routers is also not very useful for the log) So SSL is basically the only option left until I get enough knowledge to actually make IPSec work since we do need that somewhere else

  • 0 in reply to Alexander Schichow

    Alexander Schichow said:

    No Network Protection so RED is not in the spectrum. IPSec won't do anything but throw "Remote/Local host is behind NAT (which both are and will remain since our ISP can't provide us a simple cable modem due to a business contract and with business contracts there you can only use cable routers so no bridging. Having configured Port forwarding on the ISP routers is also not very useful for the log) So SSL is basically the only option left until I get enough knowledge to actually make IPSec work since we do need that somewhere else

     

    My mistake. We DO have Network Protection. I'll take a look at RED then

Reply
  • 0 in reply to Alexander Schichow

    Alexander Schichow said:

    No Network Protection so RED is not in the spectrum. IPSec won't do anything but throw "Remote/Local host is behind NAT (which both are and will remain since our ISP can't provide us a simple cable modem due to a business contract and with business contracts there you can only use cable routers so no bridging. Having configured Port forwarding on the ISP routers is also not very useful for the log) So SSL is basically the only option left until I get enough knowledge to actually make IPSec work since we do need that somewhere else

     

    My mistake. We DO have Network Protection. I'll take a look at RED then

Children