Results 1 to 2 of 2
  1. #1
    Newbie
    Join Date
    Nov 2015
    Posts
    1

    Default IPSec site-to-site tunnel partially working

    Hi all,

    I have 3 Untangle FW installed at 3 sites, lets say A, B, and C. All 3 have IPSec tunnelling licenses.

    Site "A" is my main site with subnet 10.100.0.0/24, site B and C are respectively 10.100.1.0/24 and 10.100.2.0/24. Both sites B and C connect to site A using IPSec tunnelling.

    The tunnels seem to mount fine. I get green lights in the appliance. From the site A diagnostic Ping tester, I can ping adresses on sites B and C.

    However (and this is where I'm getting problems): for machines within the network of site A (10.100.0.12 for example), I'm unable to ping another machine on site B with the address 10.100.1.12. However, this machine can be pinged from my Untangle device... As if the tunnel is partial and not extended...

    Must I create a NAT rule to complete my installation?? Routing rules??

    The only special thing about the site A installation is that I have dual WAN (hence WAN failover and Balancer). Could this cause my problems?

    Any help would be greatly appreciated!

  2. #2
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,546

    Default

    Windows firewall, it prevents access to non-local subnets by default. I'd start there.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2