04-29-2015, 03:41 AM
gordan
Finishing configuration

Hi guys,

After one month of configuring I'm almost done. The entire configuration for the VPN is attached. There are two things I want to ask:

How can I permit the traffic from my network to the remote VPN networks while my LAN interface is in "firewall corp"? While my interface "vlan101" is in "firewall corp" I can access the Internet with the NAT policy:

policy 1002 out permit address 10.10.139.2 10.10.139.254 any any nat-ip 192.168.139.2

(192.168.139.2 is my WAN interface, which is behind the NAT of my ISP ADSL modem.) But like this I can't access the remote VPN networks (OSPF has populated all the routes to the remote networks). However, if I remove the "vlan101" interface from "firewall corp" I can access every network through the VPN but no Internet.

I think I am missing a policy in the firewall so that my traffic can be permitted through the tunnel, but I need help with it.

The second thing is to enable SSH access from behind the tunnel.
If I try SSH access to 10.10.139.1 (my LAN address of the "vlan101" interface), there is no problem. But when someone on the other side of the tunnel tries to access the same IP via SSH, there is a problem.

Any idea is welcome,
Gordan
Attached Files
File Type: txt 2330 config.txt (4.5 KB, 27 views)