Topic: Oddity with IPSec and Green/Blue Zones
trymes
« on: Thursday 12 August 2010, 03:01:47 am »

OK, so I have two IPSec tunnels on my EFW 2.4 firewall. Each goes to a different site, and none of the subnets conflict.

GREEN: 10.1.0.0/16
BLUE: 192.168.1.0/24

Tunnel #1: EFW<-->IPSec<-->Site2<-->192.168.0.1/24
Tunnel #2: EFW<-->IPSec<-->Site1<-->10.3.0.0/16

All was working fine until I added a BLUE Interface on a third NIC. Before, when I only had RED and GREEN, everything worked fine. However, I now have a problem where Tunnel #1 works no matter what, but Tunnel #2 shows as "Link: Up" and "Status: Down" unless I enable the "VPN on BLUE" checkbox. Once I enable VPN on BLUE, everything works again.

This would be all well and good, but I do not want the Blue zone to have access to the VPN tunnels. I suppose I could add rules to the VPN firewall, but it seems to me that this should just work when I uncheck the "VPN on BLUE" box, and I shouldn't need to add any firewall rules.

Let me know if I have made some boneheaded mistake...

Tom