Skip to main content
akl4u2
akl4u2
New Member
August 31, 2018
Question

VPN SSL TO IPSEC Tunneling just don't work

  • August 31, 2018
  • 1 reply
  • 9198 views

Hi all.

I have a main site and a remote site.

The main site is connected to the remote with IPsec Tunnel and it works perfect

I can also connect to the main site with SSL VPN without problems But When i'm trying to reach the remote site i can't

The main site is ==> 192.168.1.x

The remote site is ==> 10.0.0.x

SSL VPN ===> 172.17.0.X

I've tried everything i can - Static Route / Policy, Nothing Works

In the IPsec VPN Phase 2 it's 0.0.0.0 on both sides.

Any help how to solve this will me more then appreciated

 

Thank in advanced.

  

 

1 reply

Toshi_Esumi
SuperUser
Toshi_Esumi
SuperUser
August 31, 2018

First of all, is SSL VPN "split tunnel" or client's internet comes over the SSL VPN when it's connected? If split, the fist thing I would suspect is 10.0.0.x/24 is not in the client machine's routing table, which should be automatically injected based on the policy.

The rest is just routeing between the main and the remote, especially the remote side to get back to 172.17.0.x since the selector is 0/0. I assume you already verified. Then check what traceroute shows from the client toward 10.0.0.x if it goes into the IPSec tunnel or not.

tanr
tanr
New Member
September 1, 2018

Make sure you have the appropriate security policies in place too, from the ssl-vpn tunnel interface to the IPsec tunnel, etc.

akl4u2
akl4u2Author
New Member
September 1, 2018
I’ll will check it all and answer tomorrow at work, from the ssl-vpn to the IPSec I think I do have the appropriate security policies but I’ll upload pics tomorrow
Terms & ConditionsAccessibility statement