Has anyone done one of these before successfully? I've had no problem with any of the Standard mode configurations, however this Transparent/Split one has given me a headache. I've even got a call open with Sophos and have had a lengthy call today where I was told the configuration was fine and it's a route missing from the remote site gateway. I did point out this doesn't seem to be documented anywhere, but apparently it is really, really the case. It didn't sound right and when I tried it there was no difference. It would also disagree with the description of how this works:
"it is in-line with the gateway and can transparently redirect packets down the tunnel"
But the Sophos bod wouldn't have it.
The RED comes up, a laptop connected on the LAN side of the RED can still access the network at that end of things fine.
I've gotten a rule in to allow LAN < > RED traffic on the XG. All good so far.
I ping something on the XG side of things and nothing. If I run a TCPDUMP on the XG for traffic on the reds1 interface I can see the ICMP packets arrive, but not leave on any other interface. Nothing in CONNTRACK or DRPPKT. Oddly the firewall rule shows some traffic out on the RED firewall rule, namely a trickle of DNS going from the core out to the remote network.
There seems to be a disconnect between the RED network and the XG somewhere. It feels like I'm missing a step, but not what that step is.
Please help shine a light onto this Dark World before I'm forced to burn this RED at the stake...
Regards