Hi everyone,
I recently switched over to XG Firewall from pfSense, thus kindly excuse my insufficient knowledge.
For a testing setup I have virtualized XG on ESXi.
My plan is to connect using an SSL VPN session to the manage zone, which is the only one which allows SSH traffic.
XG has multiple NICs and zones, listed below:
NIC - ZONE - IP
NIC1 - WAN - upstream DHCP IP
NIC2 - manage - 10.1.1.0/24, XG acting as DHCP server
NIC3 - update - 10.1.2.0, XG acting as DHCP server
NIC4 - LAN - 10.1.3.0, XG acting as DHCP server
I have followed the online guide to set up an SSL VPN tunnel, and the client successfully connects to the XG.
The VPN clients have a remote subnet of 192.168.0.0/24 and a local subnet of 10.10.0.0.
Using the Firewall rules, I have enabled access from
Source
Zone: VPN
Network: remote subnet
to
Destination
Zone: LAN
Network: local subnet
as described in the tutorial. Further, I have allowed access
Source
Zone: LAN
Network: local subnet
to
Destination
Zone: LAN, manage
Network: Any
Thus, if I'm not mistaken, the VPN client connecting should hop from 192.168.0.x via 10.10.0.x to 10.1.1.x to access resources in the manage zone.
However, the client fails to ping either 192.168.0.1, 10.10.0.1 or any machine in the manage subnet.
As I'm using a split VPN tunnel, I manually set the gateway on the local VPN user interface to 192.168.0.1.
I would greatly appreciate any help; I have been cracking my head about this issue for the past 2 days. Apart from the issue described, XG is a really nice appliance.
This thread was automatically locked due to age.
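Added example, not part of the original post and not Sophos code: a simplified first-match model of zone-based firewall rules, run over the two rules and the subnets described in the post. In this model each packet is checked against one rule at a time using its own source and destination zone and address, so a VPN-to-LAN rule and a LAN-to-manage rule do not combine into a path. Assumptions: /24 masks where the post gives none, destinations on no listed subnet are treated as WAN, and the function names, the `vpn-to-manage` rule and the sample host addresses are constructed for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Zones and subnets as listed in the post. Masks the post does not give
# (update, LAN, and the 10.10.0.0 "local subnet") are ASSUMED to be /24.
ZONES = {
    "manage": ip_network("10.1.1.0/24"),
    "update": ip_network("10.1.2.0/24"),
    "LAN": ip_network("10.1.3.0/24"),
    "VPN": ip_network("192.168.0.0/24"),
}
REMOTE = ip_network("192.168.0.0/24")   # VPN "remote subnet" from the post
LOCAL = ip_network("10.10.0.0/24")      # VPN "local subnet" from the post
ANY = ip_network("0.0.0.0/0")

@dataclass
class Rule:
    name: str
    src_zones: set
    src_net: object
    dst_zones: set
    dst_net: object

RULES = [
    Rule("vpn-to-lan", {"VPN"}, REMOTE, {"LAN"}, LOCAL),
    Rule("lan-to-lan-manage", {"LAN"}, LOCAL, {"LAN", "manage"}, ANY),
]

def zone_of(addr):
    """Return the zone whose subnet contains addr, or WAN if none does."""
    ip = ip_address(addr)
    return next((z for z, net in ZONES.items() if ip in net), "WAN")

def evaluate(src, dst, rules=RULES):
    """First-match evaluation of one packet; no match means default drop."""
    sz, dz = zone_of(src), zone_of(dst)
    for r in rules:
        if (sz in r.src_zones and ip_address(src) in r.src_net
                and dz in r.dst_zones and ip_address(dst) in r.dst_net):
            return f"accept ({r.name})"
    return f"drop (no rule for {sz} -> {dz})"

if __name__ == "__main__":
    # Constructed sample packets from a VPN client address.
    for src, dst in [("192.168.0.10", "10.1.1.20"), ("192.168.0.10", "10.10.0.5")]:
        print(src, "->", dst, ":", evaluate(src, dst))
    # Hypothetical rule that names the VPN and manage zones directly.
    direct = Rule("vpn-to-manage", {"VPN"}, REMOTE, {"manage"}, ZONES["manage"])
    print(evaluate("192.168.0.10", "10.1.1.20", RULES + [direct]))
```

The second sample packet also shows that 10.10.0.0 lies on none of the NIC subnets listed in the post, so the model cannot place it in the LAN zone.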