Tweet
I am trying to connect via IPSec an Untangle and Palo Alto for a Site to Site VPN Connection. Site A has the Palo Alto and Site B has the Untangle. Prior to this weekend both sides had an Untangle Device and were connected via Wireguard.
I have the tunnel up but I only have 1 way traffic. Site B (with the Untangle) can ping the networks I have allowed, and reach server shares and everything they need at Site A.
Site A can only ping the LAN port IP of the Untangle. If I Ping past that that I get LAN IP Address:Port Unreachable. This seems to me that it's routing issue where either the LAN port on the Untangle doesn't know what to do with the traffic either in or out. I have tried various static routes, Tried putting the Palo Alto Tunnel IP on the same subnet as the LAN of the Untangle (that is what you do for Palo to Palo Tunnel). Nothing changes.
I have a fulling working Palo to Palo tunnel at site A going to a different location so I think site A is fine and is something with Site B.
I have the tunnel up but I only have 1 way traffic. Site B (with the Untangle) can ping the networks I have allowed, and reach server shares and everything they need at Site A.
Site A can only ping the LAN port IP of the Untangle. If I Ping past that that I get LAN IP Address:Port Unreachable. This seems to me that it's routing issue where either the LAN port on the Untangle doesn't know what to do with the traffic either in or out. I have tried various static routes, Tried putting the Palo Alto Tunnel IP on the same subnet as the LAN of the Untangle (that is what you do for Palo to Palo Tunnel). Nothing changes.
I have a fulling working Palo to Palo tunnel at site A going to a different location so I think site A is fine and is something with Site B.