
IPSec Site to Site - Same Local LAN Subnet

We are trying to set up an IPsec site-to-site VPN between two Sophos XG boxes, which have the same local subnet on both sides. Following the article https://support.sophos.com/support/s/article/KB-000035848?language=en_US we are able to get the VPN connection working.

We will be moving the servers to a branch location and instead of re-IPing each server we would like to keep the network the same. 

The issue we are having:

From the Branch location, we can ping only the remote NATed IP: 192.168.6.1

From the Head office, we cannot ping the remote NATed IP: 192.168.5.1

Neither location is able to get to the local LAN of 192.168.4.1.



  • Hi 

    First is the Main Office Outbound Traffic

    Main Office Inbound Traffic.

    Branch Office Outbound Rule. This location has different zones, and the rules are placed under the same zone & rule group.

    Branch Office Inbound

    Also I grabbed a packet capture from the Main office to the branch.

    Pulled a capture from the branch location and see the Ping coming through.

    When I go to check for traffic from the Branch location to the Main location, i.e. 192.168.4.200 (branch test IP) to Main Office 192.168.4.23 (Main Office test IP), it does not get there.

    I see that the Rule IDs are correct in the captures above too.

  • So, I just pulled a new capture from the Branch location, where 192.168.4.200 lives, pinging 192.168.4.23.

    Then pulled the same capture at the main office, where 192.168.4.23 lives, pinging 192.168.4.200.