Hi,
We have a Zyxel USG 20 configured at our customer's site, and a Sophos XG firewall in our office.
We have configured it so that site-to-site VPN works properly, but we have other networks on the Sophos site that the users behind the Zyxel should be able to reach.
The normal configuration is
Sophos(192.168.10.0/24) -> WAN -> internet -> WAN -> Zyxel (192.168.1.0/24)
This works, and all computers can ping each other.
On the Sophos site we also have 10.0.0.1/24. I can see in the logs that it is allowed to ping through the IPsec connection, but the return response is not getting back from the Zyxel.
Zyxel logs say SPI: 0x0 (0) SEQ: 0x0 (0) No rule found. Dropping Unknow(1) packet[count=3]
I have tried to add a static route, and have tried to add a policy route (one with next-hop auto, and one with the VPN tunnel as next-hop).
What can be wrong?