This is the topology
I have this topology working with UTM9. I made the same configuration in SFOS 16.05.8 MR-8, but it does not work! And it's a very simple VPN configuration with NAT.
VPN Configuration:
Firewall A:
Local Network: 10.174.5.192/26
Remote Network: 10.174.220.0/22
10.174.224.0/22
10.174.228.0/22
10.112.118.61/32
I configured the NAT in the firewall rules with "Rewrite source address (Masquerading)" to do NAT with the source IPs.
Rule -> Source "real IP - 192.168.0.0/24", any service, to destination "REMOTE IP - 10.174.220.0/22", make source NAT for "10.174.5.193".
The VPN comes up in both phases, but traffic does not work! In packet capture, I see incoming traffic but it is not sent over the VPN.
I also made the route CLI configuration:
system ipsec_route add host 10.174.220.0/255.255.252.0 tunnelname VPN_TEC
With this route I already see the traffic being sent, but it still does not work.
Is this route really necessary? Or should I do some other configuration? This configuration is simple, I've done it in several firewalls and I've never had a problem.