Skip to main content
SkyLite
SkyLite
New Member
July 4, 2018
Question

VPN Client two way traffic

  • July 4, 2018
  • 2 replies
  • 10082 views

I configured a VPN client access to my local network.  This works fine I can see and access the local network as configured within the incoming rules. Now I want to access the remote client from my local network, after closing the VPN. I created the rule to go out,

but in vain, I can´t reach to the client. Where could I be wrong?

Thanks in advance

Regards 

Leo

    2 replies

    Toshi_Esumi
    SuperUser
    Toshi_Esumi
    SuperUser
    July 4, 2018

    Do you have a route? If dialup IPSec VPN it would be automatically entered into the routing table, but if SSL VPN, you need to have a static route toward ssl.root interface. 

    SkyLite
    SkyLiteAuthor
    New Member
    July 5, 2018

    yes there is a route created automatically from the client IP/32 to 0.0.0.0. and with VPN-Client_0 interface.

    It´s a dialupIPSec VPN.

    theFWdude
    theFWdude
    New Member
    July 5, 2018

    Quick thought..  Does the client have a firewall enabled? Next, I would trace route you connectivity back to your client on the IPSecVPN and see where that traffic is dying.  If it's not the firewall on your client, it's your policy or your routing me thinks.  

    AKDetewe
    AKDetewe
    New Member
    July 5, 2018

    Hello,

    normaly a VPN Client connection is a DialUp User connection.

    This is a one way connection.

    When you closing the VPN Tunnel, your client must reconnect.

     

    Regards

    Andreas

    SkyLite
    SkyLiteAuthor
    New Member
    July 5, 2018

    Hi Andreas,

     

    is this by design or is there a workaround. I understand normaly its one way. But with some vpn client connections I need a two way connection.

     

    Hi Toshi,

    The sniffer shows one way traffic, from the client to the VPN site. Thats okay.

    When sniffer the other way around, the vpn site to the client, it seems it wants 

    to get out on the main interface, and not to the subinterface VPN-Cient.

    Tried to add some more routes, but the subinterface VPN-Client doesn´t appear to create the static route.

     

    What type of routes can I configure, to get the traffic go out on the VPN subinterface.

     

    With regards

    Leo

    Terms & ConditionsAccessibility statement