It's confusing that the WAN IPs in each site appear to be in the same subnet, but that shouldn't affect the establishment of the site-to-site.
Having the VPN endpoints behind a NAT complicates the configuration of the Remote Gateway definition on each side. In the Head Office, the 'Gateway' must be the public IP of the NATting router at the Branch Office. The 'Authentication type' must be one that allows the use of 'VPN ID type' "IP Address." Finally, put "192.168.20.172" into 'VPN ID (Optional)'.
Any luck with that?
Cheers - Bob
Sophos UTM Community Moderator Sophos Certified Architect - UTM Sophos Certified Engineer - XG Gold Solution Partner since 2005
It's confusing that the WAN IPs in each site appear to be in the same subnet, but that shouldn't affect the establishment of the site-to-site.
Having the VPN endpoints behind a NAT complicates the configuration of the Remote Gateway definition on each side. In the Head Office, the 'Gateway' must be the public IP of the NATting router at the Branch Office. The 'Authentication type' must be one that allows the use of 'VPN ID type' "IP Address." Finally, put "192.168.20.172" into 'VPN ID (Optional)'.
Any luck with that?
Cheers - Bob
Sophos UTM Community Moderator Sophos Certified Architect - UTM Sophos Certified Engineer - XG Gold Solution Partner since 2005
FrankBarmentlo : The first router is Cisco router 1841 then the Blue on router is Astaro softawre install in CPU Yes thank you.. my Cable is Wrong i use straight cable then i use Cross after you last post thnk you~ [[[[:D]]]][[[[:D]]]]
BAlfson : Thanks i will use this tips.. [[[[:D]]]][[[[:D]]]]
