Thursday, October 29, 2020

SonicWall TZ600 incorrectly sending HTTPS traffic through VPN

Hi,

I'm trying here because SonicWall support couldn't solve my problem. As stated, I have a TZ600 with the latest firmware. I have several site-to-site VPNs configured and working fine for some time. We also use SSLVPN for clients.

Certain HTTPS connections to websites from head office are being incorrectly routed over VPN, although I don't know which one. The firewall then drops the connection (code 448) because there is no SA for that address configured. This is essentially regular Internet traffic that is suddenly going out the wrong way and being dropped. It is not all Internet traffic, only certain websites that do not seem related. I'm told all my settings are fine and that this should not be happening. My other sites have no trouble reaching these websites.

The workaround was to make an NAT route specifically for those websites, which is working for one of the websites in question. I would rather solve the underlying issue than resort to a workaround that I have to keep adding sites to.

In addition, the SonicWall can't reach the content filtering server (which may be because of the same HTTPS routing issue) and again, my other sites have no problem. The problem existed before I upgraded to the latest firmware.

Has anyone seen this or have any ideas?


