We recently replaced a site-to-site VPN with a new carrier MPLS connection. The carrier's MPLS router is connected to a port on an ASG at each office.
We seem to have full connectivity between the LAN's, but SSL remote access users can not see the remote LAN. (They were able to via the previous site-to-site VPN.)
I have created static routes and FW rules at each ASG for all traffic to the remote office via the customer port on the local MPLS router. The remote office LAN is in the "Local networks" list of the remote access profile.
A traceroute from remote access laptop stops at local ASG (1st IP of the VPN pool). There is no evidence of packets being dropped in the FW log, but to be sure I tried adding a temporary any-any firewall rule to the top of the list at each end, but it made no difference.
Any ideas would be most appreciated!
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
