Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 26 subscribers
  • Views 334 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

More SDWAN Issues

BrentMagnant

Good Morning,

I have migrated a client with a main office and 4 branch offices to SDWAN. I have one issue that I am seeing and I haven't found any references.

The remote sites will attempt to download files from a *ix server at the main office. This fails until I replace the SDWAN routes with static routes. I can verify this in packet capture. The *ix server is their POS system and all other functions are fine.

Any advice? I am sure there is more info that would be helpful, so I'll be happy to provide.

Thanks,
Brent



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hi ,

    Thanks for reaching out to the Community! 

    How is the main office firewall connected to the beach offices? Is there a site-to-site VPN or MPLS connection? 

    If there’s no site-to-site connection between main and branch offices, Is the internal server at the main office configured with WAF or DNAT rule? 

    Would it be possible for you to provide a network diagram, screenshots of the configured SDWAN policies, and static route? 

    Thanks,

Reply
  • FormerMember
    0 FormerMember

    Hi ,

    Thanks for reaching out to the Community! 

    How is the main office firewall connected to the beach offices? Is there a site-to-site VPN or MPLS connection? 

    If there’s no site-to-site connection between main and branch offices, Is the internal server at the main office configured with WAF or DNAT rule? 

    Would it be possible for you to provide a network diagram, screenshots of the configured SDWAN policies, and static route? 

    Thanks,

Children
  • 0 in reply to FormerMember

    The main office and the branch office are connected via ELAN. We run an IPSEC - VTI tunnel between them over the ELAN.

    There are no NATS applied to the ELAN interface.

    The SDWAN and Static routes are just x.x.x.x/24 and y.y.y.y/24.

    It is a very basic setup. I'll post some screen shots later.

    Thanks!