Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Access other subnets through VPN

Status
Not open for further replies.
bleachlpb

bleachlpb

IS-IT--Management
Jul 18, 2003
57
US
I have a SOHO 6 in use at a remote office, and a Firebox II at the main office. I have a Manual IPSec VPN tunnel set up between the two, and it is working OK. Traffic is able to flow back and forth through the tunnel to the subnets that are directly attached on each side.

The problem is - the users in the remote office need to access a telnet-based app that is located on a subnet that is attached to the main office subnet via a router.

This setup used to work OK - there used to be another Firebox at the remote office that I replaced with the SOHO 6. When I did, I copied the policy settings for the IPSec tunnel, and entered in these policies on the SOHO 6. I kept the policies in place on the Main office Firebox. Now, users at the remote office are unable to connect, and when they attempt to connect, on my traffic monitor for my main office watchguard - I get the following errors (IP addrs edited out - x.x.x.x = peer IP of SOHO 6):
WARNING - No Matching IPSecPolicy found for x.x.x.x
ACTION - Verify VPN IPSec Policies for x.x.x.x
get_ipsec_pref: Unable to find channel info for remote(x.x.x.x)

So, even though I entered matching policies in on both ends - this is not working still. Is this supported with the SOHO 6, or is my best bet to take my 2nd Firebox and put it back in place at the remote office?
 
Sort by date Sort by votes
You may want to set it for Aggresive Mode (both devices). This is what I needed to do for a SOHO6tc to FB700III manual IPSEC tunnel.

Kixtart
 
Upvote 0 Downvote
Thanks for the reply. As it turns out, I had to create a tunnel on the Firebox for each IPSec routing policy. I left the SOHO configured as it was. As soon as I made the changes, it started working OK.

 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Shmid
  • Locked
  • Question
Restricting Sonicwall SSL-VPN users for WAN access
Replies
7
Views
999
Shmid
Shmid
intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
842
intel233
intel233
ISDPCMAN
  • Locked
  • Question
RDP fails over VPN
Replies
1
Views
355
gkittelson
gkittelson
WhosYourDiffie
  • Locked
  • Question
Cisco ASA 5506 VPN for Avaya Phones
Replies
0
Views
283
WhosYourDiffie
WhosYourDiffie
ChrisFairley
  • Locked
  • Question
Downloads failing through ASA 5520
Replies
1
Views
260
iggsterman
iggsterman

Part and Inventory Search

Sponsor

Back
Top