OPNsense Forum » Archive » 20.1 Legacy Series » IPSec VPN only accessible from one end / site-to-site
Topic: IPSec VPN only accessible from one end / site-to-site (Read 1617 times)
marcellinus77
on: April 16, 2020, 02:09:35 am
Hi
I have the following setup:
Site A, 10.50.0.0/16 Sophos XG IP:192.168.1.8 <NAT to INTERNET> IP:213.55.xx.xx
Site B, 10.10.0.0/16 OPNsense 20.1 IP:192.168.1.250 <NAT to INTERNET> IP:83.77.xx.xx
Site A is initiating the tunnel
Site B is set to listen for connections
The tunnel is policy based
From any device on the Site A net (10.50../16) I can ping and access all devices at Site B. So the tunnel is working perfectly, if looking from Site A.
i.e. from host (A)10.50.10.10 I can send a print job to printer (B)10.10.1.5
However, I cannot access devices at Site A from Site B.
i.e. from OPNsense host (B) 10.10.1.1 I can NOT ping host (A)10.50.10.10
Sophos does not support VTI, so I need to stick to policy based routing.
Is there any suggestion how I can enable site A to access site B?
Thanks
M.