Hi, we have site2site VPNs setup from our 7.507 firewall to a Cisco 3030.
It's been working for the services and servers we were using, but when we tried to use a new service, we are unable to connect from SOME of our servers.
The new service is remote, at 10.40.1.19, TCP port 1433 (MS SQL)
The network behind Astaro is 10.42.6.0/24
i.e. it works from
10.42.6.17
10.42.6.19
10.42.6.21
but does not work (and cannot ping) from
10.42.6.18
10.42.6.36
10.42.6.49
etc
When I run tcpdump on the firewall, I find that for the servers the VPN is NOT working, the packets are leaving on the EXT interface!
e.g. it's not routing the traffic through the VPN.
We have no static or policy routes configured on the firewall, and the VPNs are configured for the whole 10.42.6.0/24 network.
I can't figure out where the problem is.
Nothing appears in the PF or IPS logs.
I've opened a ticket with Astaro support as well.
Thanks,
Barry
This thread was automatically locked due to age.
