vedranOP
New Member
October 7, 2021
Solved

Please Help: connect 2 site-to-site VPN tunnels

  • October 7, 2021
  • 1 reply
  • 2302 views

Hi,

I have the following scenario:

Site A: 10.149.3.0/27

Site B: 192.168.0.0/24

Site C: 172.31.10.140/20

Site A and Site C must communicate.

FG is located in site B.

On the FG in Site B, site-to-site VPN A<->B and B<->C is configured.

Site to site VPN A-B uses NAT with following configuration:

External IP Range: 172.31.254.9 - 172.31.254.14
Internal IP Range: 192.168.0.1 - 192.168.0.254

Can you please assist with how to make A<->C communication work? Thank you!

    Best answer by sw2090


    sw2090 (SuperUser), Answer
    October 7, 2021

    Basically this means:

    there is no S2S VPN (or VPN at all) from A to C, so the only way for A to C is through B.

    This means:

    1. the Gw on Site A has to know a route for C that has the FGT at B as Gateway.

    2. the FGT on Site B has to know a route for C over the S2S and also back to A (might already be there with the S2S, since required for communication B<->C too).

    3. the FGT on Site B has to have a policy that allows traffic from A to C to flow coming from S2S A<-> B and going to S2S B<->C

    4. the Gw on Site C has to know a route back to A with FGT at B as Gateway

    I currently don't know if our NAT affects anything in here as I don't use NAT on S2S Tunnels here.

    I thus have a similar case here:

     

    I got a Webservice that only allows access from our WAN IPs at HQ. So all Sites have to access this via us.

    So this has to go from Site <= S2S => HQ <= SDWAN => Website. Since in routing and policies that's all down to interfaces that is basically the same...
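Steps 2 and 3 of the answer, written out as FortiOS CLI for the hub FortiGate at Site B. This is an added example, not configuration from the thread or from Fortinet; it assumes route-based (interface mode) IPsec tunnels named "VPN-A" and "VPN-C" (assumed names) that are already up, and it takes Site C's 172.31.10.140/20 to mean the network 172.31.0.0/20.

```fortios
# Hub FortiGate at Site B (assumed tunnel interface names VPN-A and VPN-C).
# Address objects for the two spoke networks from the question.
config firewall address
    edit "NET-SITE-A"
        set subnet 10.149.3.0 255.255.255.224
    next
    edit "NET-SITE-C"
        set subnet 172.31.0.0 255.255.240.0
    next
end

# Step 2: the hub needs a route to each spoke over that spoke's tunnel.
# "edit 0" lets FortiOS pick the next free route ID.
config router static
    edit 0
        set dst 10.149.3.0 255.255.255.224
        set device "VPN-A"
    next
    edit 0
        set dst 172.31.0.0 255.255.240.0
        set device "VPN-C"
    next
end

# Step 3: transit policies between the two tunnel interfaces, scoped to the
# two spoke networks only (not "all"), with NAT off so addresses stay routable
# end to end, and logging on so transit traffic is visible in the forward log.
config firewall policy
    edit 0
        set name "A-to-C-transit"
        set srcintf "VPN-A"
        set dstintf "VPN-C"
        set srcaddr "NET-SITE-A"
        set dstaddr "NET-SITE-C"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat disable
        set logtraffic all
    next
    edit 0
        set name "C-to-A-transit"
        set srcintf "VPN-C"
        set dstintf "VPN-A"
        set srcaddr "NET-SITE-C"
        set dstaddr "NET-SITE-A"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat disable
        set logtraffic all
    next
end
```

Steps 1 and 4 are the mirror image on the spoke gateways (a route for the other spoke's network via the tunnel to B), and the phase 2 selectors on both tunnels must cover the transit networks, not just B's own 192.168.0.0/24. Because the A-B tunnel in the question applies NAT, the source Site C actually sees from A may be the translated range rather than 10.149.3.0/27, so the srcaddr object and Site C's return route must match whatever address really leaves the A-B tunnel.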