SSL vpn through ipsec site-to-site

Forum|Forum|7 years ago
January 24, 2019
1 reply
2127 views

Hi!

I Have 2 locations connected by site-to-site ipsec VPN, both with different subnets.

I want to connect by ssl vpn to location 1 (this works great) and through this SSL vpn and ipsec VPN, I want to have access to location 2 (it does not work). Is there any posibilities to use one ssl VPN to 2 different locations connected by ipsec site-to-site?

Lukas

Toshi_Esumi

SuperUser

It's nothing different from connecting two remote sites together via a HUB site over two IPSec tunnels. The keys are:

- SSL vpn can carry traffic to/from the loc#2 subnet if it's split-tunnel

- The IPSec VPN can carry traffic from/to SSL VPN client IP subnet (phase2 selectors if not 0/0<->0/0)

- Loc#2's FGT has a route for SSL VPN client IP subnet toward the IPsec tunnel.

- Both loc#1 and #2 FGTs have proper sets of policies to allow the traffic.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded