I currently have two networks connected via a site to site vpn (both sophos firewalls). I'm moving to an AT&T cloud based firewall/vpn solution. My plan is to stop using the sophos firewall at the remote location, but keep the sophos firewall at my main location (for policy based routing, and many other reasons). When I plug the remote network into the AT&T circuit, I lose connectivity to my main network, however, I do have internet access, and can access resources that are natted to the stub network (between AT&T and main sophos firewall). I have firewall rules in place to allow traffic through my firewall from the remote network (rule #1). I also have put a rule (#2) to allow traffic through my firewall from the stub network. The problem is I'm not comfortable natting every resource that will need to be access on my main network from my remote network. I've attached a basic drawing of the connection. My sophos vendor says my firewall settings are correct, and the problem is AT&T. AT&T says their settings are correct, and my firewall is the problem.
This thread was automatically locked due to age.
