Can't access web when enabling site to site VPN

[leiw]

Hello

I can't access to server site web console when site to site VPN enabled.

Thanks !

[leiw]

I just checked VPN site can ping VPN server internal IP address, but cannot access any of them, firewall already selected pass action.

If I use Client to VPN server that client can access VPN server internal IP address like file server, DNS, VPN server web console.

1. Two method is using same Address Pools.

2. VPN site Network Address is one of the usable within VPN site subnet.

Thanks !

[leiw]

Here is the information:

Server site:
Internal subnet: 172.16.0.0 / 23
Exiternal IP: 210.0.x.x (static IP)
Internal IP: 172.16.0.1 / 23

VPN site:
Internal subnet: 10.0.0.0 / 24
Exiternal IP: Dynamic IP
Internal IP: 10.0.0.254 / 24
Address Pool: site01
Network Address: 10.0.0.253

Client:
IP Address: 172.18.0.0 / 24 (site01)
Virtual Address: 172.18.0.5

Now site to site and client to site are working, but Server site can't access network resource of VPN site:

Client 172.16.0.5 > Server site 172.16.0.x (can)

Server site 172.16.0.x > Client 172.16.0.5 (can)

VPN site 10.0.0.x > Server site 172.16.0.x (can)

Server site 172.16.0.x > VPN site 10.0.0.x (can't)

The Exported Hosts and Networks already have 172.16.0.1 / 23. I had add 10.0.0.254 / 24 or 10.0.0.0 / 24 or to Exported Hosts and Networks:

If use 10.0.0.254 / 24 that 172.16.0.x cam ping to 10.0.0.x, but can't acces network resource.

If use 10.0.0.0 / 24 that 172.16.0.x cam ping to 10.0.0.x, but can't acces network resource.

Thanks !

[leiw]

Could someone can help?

Thanks !

[SMR]

Did you try https://internaladdressofuntanglebox ?? (note: httpS)...

[leiw]

Did you try https://internaladdressofuntanglebox ?? (note: httpS)...

It work .... why?

[leiw]

Now Server site can access to Remote site resource without to add 10.0.0.254 / 24 in Exported.

Thanks !