Channel: Sophos User Bulletin Board

Firewall/NAT issue? Shoretel VPN concentrator

UTM 9.004-34 Software

Shoretel VPN phones use an SSL VPN to connect to a concentrator behind my firewall. I have these phones set up to connect to a public IP (173.X.Y.Z). This address is DNAT'd internally to 192.168.1.203 (only SSL traffic). Phones all connect perfectly to the VPN every time.

This is where the trouble starts....

If the VPN phone is sitting on a network with a 192.168.1.0 network... they do not work. They connect to the SSL VPN, but then they search for 192.168.1.5 (our Shoretel Director server) and do not find it.

If the VPN phone is sitting on ANY other network they connect and work perfectly.

So, Shoretel recommended changing the IPs the concentrator gives out from 192 addresses to something more unique. I chose 172.31.31.x as I figure no other private network would have that.

What rules would I need for this to send traffic back and forth from the VPN phones to my internal network and back?

I do have rules set up now, but I want to know what you think because I cannot get it to work no matter what I seem to do.
