Hi
I have two Astaro Firewalls wiche are connected using Site-2-Site VPN.
Astaro 1 has 5 Subnets defined:
ASClients 192.168.27.0 255.255.255.0
Internal 192.168.28.0 255.255.255.0
DMZ1 192.168.29.0 255.255.255.0
DMZ2 192.168.30.0 255.255.255.0
DMZ3 192.168.31.0 255.255.255.0
WAN: Static IP
Astaro2 has 2 subnets:
Internal 192.168.40.0 255.255.255.0
DMZ 192.168.41.0 255.255.255.0
WAN: dynamic
I definied two more subnets:
Astaro1_LANs 192.168.28.0 255.255.252.0
Astaro2_LANs 192.168.28.0 255.255.255.0
I use these 2 definitions to connect both Firewalls as the Internal on Astaro 1 has to reach all DMZs on Astaro2 and vice versa. This setup works great.
The problem is for my Roadwarriro clients that connect to Firewall 1. They use x509 certificates but can only see the nets on Firewall1. They use the Astaro1_Lans definition for the local network and automatic packet filter. I thought this might be because the subnet 192.168.27.0 is not included in the Astaro1_Lans subnet definition. Do I have to switch my clients Ip addresses to be in range or do I have to reconfigure the VPN settings.
Any help is welcome. If you need more info I will post it.
Thanks Benny
This thread was automatically locked due to age.