hello,
i'm having an issue routing traffic through 2 vpn links and i can't find a solution, here's the setup
lan A 10.10.20.x/24 ---vpn1--- lan B 10.10.10.x/24---vpn2--- lan C 192.168.3.x/24
vpn1 is a sophos xg 16.5 mr3
vpn2 is a utm 9.411
i need the computers on lan A to access lan C.
A to B works perfect, B to C also works perfect
steps i did to try and solve this problem:
added a policy route on XG for 192.168.3.x/24 gateway 10.10.10.15 which is the utm ip
on the utm i added snat for traffic from lan A to lan C snat oriign ip as internal lan ip 10.10.10.15
it doesn't works, on a A station the traffic does not even reach the UTM, the XG responds with destination unreachable
i added a manual route on a PC to go through utm, same error but now takes much more time for the tracert to show the failure
i disabled the SNAT rule, no change
added a ipsec route on XG: system ipsec_route add net 192.168.3.0/24 tunnelname vpn1
no change, even pinging from the XG console fails
added a 1:1 snat rule, same
i can't find how to add a static route as it forces the gateway to be in the same network as one of the interfaces(which it cannot be) and indeed the route table shows no path to C network
i'm not seeing any hits on the fw logs even.
any ideas?
This thread was automatically locked due to age.
