My question applies to two different situations I'm in...
First, I have a large client with a full Cisco network, many VLANs, dual Cisco ASA 5510s as their gateway. Their ASAs don't have active support, and the VPN client no longer supports Windows 10 and macOS. The VPN users only need to access a single VLAN. I'm looking at my options, and one that came to mind was setting up an XG for VPN. I would assign it a public IP and an IP on the LAN. I know this would work in terms of users connecting to the VPN and accessing certain things, I just think it may have issues. The devices on the LAN would retain the ASA as their gateway. The users would only need SMB access to Windows file servers on the LAN. As far as my concerns, see my second scenario below.
Second, I have a client with an XG firewall, it's set as their gateway for the LAN. Users are unable to use their ShoreTel software on the XG's SSL VPN. I have support cases, forum posts, I'm an XG certified engineer, no one has been able to make it work. The ShoreTel software had no issues on their previous firewall, a Cyberoam. I'm able to connect to the VPN on the Cyberoam, but it doesn't work. I equate this to the gateway mismatch: traffic comes in on the Cyberoam VPN, hits the server, then the server tries to send it out through its XG gateway, which isn't aware of the Cyberoam. This may be fixable by some type of routing but I'm not sure how.
-Dru