
VPN with bridged LAN ports

I needed to bridge 4 LAN ports to eliminate a daisy-chain of switches (now 4 switches running back to the XG).

2 VLANs plus the "normal" network (a /23) running on the interface bridge.

Having difficulty with my site-site VPN. Tunnel connects but no traffic passes.

Can ping the remote router from the WAN port, so the tunnel itself seems OK.

Pinging remote router from any of the bridge ports fails. (Firewall rules allowing VPN-LAN and LAN-VPN are in place and have tried multiple variations including specific remote ranges as well as any.)

Pinging the XG from the remote router fails. (Ping/Ping6 from VPN zone is checked.)

Sophos Connect works - can RDP to devices and access the XG via browser from devices on the XG's LAN, but attempting to access the XG (by IP) from the remote computer fails.

Interface config and FW rules attached.

What have I missed?

 



  • Well, one of the ends is not capable of doing a /23 VPN. Switched everything (clients, bridge interface, and tunnel) back to /24 and everything works again. Does anyone have an XG running a /23 VPN? If it’s a limitation on the XG, or a bridge interface limitation, that should be pointed out in the documentation. I suspect it’s the RV320 (admittedly a crappy router), but if it’s an XG “gotcha” it would save the next guy some time to know.