Hi
I have a similar configuration and the same problem as ojrad, post #30507.
I had a tunnel between two 3.2 ASLs, and things worked OK; then I upgraded the ASL on the local site to 4.0 with all patches (4.015).
My config is now:
remoteASL3.2-internet-router-localASL4.0
Both sites use the same IP classes, so we do NATing on both sides.
On the remote site they change the source address from e.g. 10.10.10.1 to 172.17.10.1 and try to access IP 192.168.15.1.
On the local site I change 192.168.15.1 to 10.10.0.1.
The tunnel is up and running:
192.168.15.0/24:0 -> 172.17.0.0/16:0 => tun0x103c@xxx.xxx.xxx.xxx:0
Routing is set properly (at least I think so).
Here is what is happening with communication over VPN:
Ping from remote host 10.10.10.1 to 192.168.15.1 (ICMP EchoReq)
remoteASL3.2 changes source 10.10.10.1 to 172.17.10.1
packet is rerouted to VPN tunnel
localASL4.0 changes destination 192.168.15.1 to 10.10.0.1
local host 10.10.0.1 receives ICMP packet from localASL and responds with ICMP EchoRsp to 172.17.10.1
*until here communication is OK*
localASL receives the packet from the local host, but instead of rerouting it through the tunnel, the packet is sent directly to the internet?!?
Packets are dropped on the internal/local side of the router:
192.168.15.1 -> 172.17.10.1 ICMP(EchoRsp) Deny
This VPN connection is vital for our use and I should resolve the problem quickly.
Any suggestions?