Hi,
I'm having an issue with creating an IPSec tunnel from my DMZ to a remote site. I have no problem creating a tunnel from my LAN to the same remote site.
My Astaro 7 config is as follows:
WAN0 = ISP#1(default gateway)
WAN1 = ISP#2
LAN = Setup to Masquerade via WAN0
DMZ = Setup to Masquerade via WAN1 + Policy Route to use WAN1's ISP gateway.
If I try to ping my remote site from a host machine on the DMZ I get
"From 67.50.8.x icmp_seq=3 Destination Host Unreachable"
which is just one hop up from our ISP on WAN1. To me, it seems like my policy route is *messing with packets that should be using the IPSec transform.
Any input would be appriciated.
Thanks,
Sean
I'm having an issue with creating an IPSec tunnel from my DMZ to a remote site. I have no problem creating a tunnel from my LAN to the same remote site.
My Astaro 7 config is as follows:
WAN0 = ISP#1(default gateway)
WAN1 = ISP#2
LAN = Setup to Masquerade via WAN0
DMZ = Setup to Masquerade via WAN1 + Policy Route to use WAN1's ISP gateway.
If I try to ping my remote site from a host machine on the DMZ I get
"From 67.50.8.x icmp_seq=3 Destination Host Unreachable"
which is just one hop up from our ISP on WAN1. To me, it seems like my policy route is *messing with packets that should be using the IPSec transform.
Any input would be appriciated.
Thanks,
Sean