Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 4 subscribers
  • Views 9380 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Established IPsec site-to-site VPN, can ping other network except our AVAYA IP Office 500v2 manager.

ezra calubsing

Hi, we created a IPsec site-to-site connection and its UP!
from the remote area to our Head Office, they can ping our different workstation and server but not our Avaya IP office.
They cant ping or access the webpage of the Avaya IP office.

For testing purpose, i create a remote vpn using PPTP in a the remote client to our Head Office.
When i ping and access the AVAYA IP office, i can access them.

This is the Status our IPsec S2S Vpn, its GREEN.

SA: 10.10.8.0/21=X.X.228.134   Y.Y.142.250=192.168.1.0/24
VPN ID: X.X.228.134
IKE: Auth PSK / Enc AES_CBC_128 / Hash HMAC_MD5 / Lifetime 7800s / PFS MODP_768 / DPD
ESP: Enc AES_CBC_256 / Hash HMAC_SHA1 / Lifetime 3600s

If PPTP connection is possible to access AVAYA IPO, not in IPsec S2S connection
could there be a encryption or authentication difference that affects AVAYA IP Office, just wandering?

 

Thanks a bunch.



This thread was automatically locked due to age.
Parents
  • +1

    Ezra, does #1 in Rulz give any clues?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson

    Hi Bob,

    Thanks for the reference. I think rule #1 has a hit on my problem.

    On our AVAYA IPO 500 we can access it even its  net MASK is not same with our network subnet (strange).

    AVAYA IPO: 10.10.10.21/24
    INTERNAL NET: 10.10.10.0/25

    I'll configure the necessary things and test the connection, and if needed even the routing on the AVAYA IPO. 


    Thanks

     

    Ezra

Reply
  • 0 in reply to BAlfson

    Hi Bob,

    Thanks for the reference. I think rule #1 has a hit on my problem.

    On our AVAYA IPO 500 we can access it even its  net MASK is not same with our network subnet (strange).

    AVAYA IPO: 10.10.10.21/24
    INTERNAL NET: 10.10.10.0/25

    I'll configure the necessary things and test the connection, and if needed even the routing on the AVAYA IPO. 


    Thanks

     

    Ezra

Children
No Data
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML