Avatar of Jorge Gutierrez
Jorge Gutierrez asked on

Need to access WebServers over VPN from WAN

Situation: I have a public IP (68.x.x.x) on a Sonicwall 3060 that NATS to a privatel IP (192.168.33.x) residing on an F5 load balancer on building A. That IP (33.x) uses a pool of servers (192.168.1.x) residing on building B connected through a VPN using the same SonicWall.
If I hit the internal IP of biulding A from a Browser, I can get results from Building B webservers. But if I use the public IP, I don't get anithing but a timeout. The VPN tunnel between building a and b is perfect. I think I have some routing issues to get WAN traffic to traverse the VPN and back out to the WAN.
Hardware FirewallsVPNNetworking

Avatar of undefined
Last Comment
giltjr

8/22/2022 - Mon
giltjr

So you have:

     68.x.x.x.x <-- Sonic --> 192.168.33.x <-- F5 --> 182.168.1.x <-- servers -->

When you say you "hit" the internal IP of building A, which internal are you talking about the F5's (192.168.33.x) or the real servers (192.168.1.x)?

Do you have the F5 doing SNAT on the virtual host?
ASKER CERTIFIED SOLUTION
skatsev

Log in or sign up to see answer
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform
Sign up - Free for 7 days
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
Not exactly the question you had in mind?
Sign up for an EE membership and get your own personalized solution. With an EE membership, you can ask unlimited troubleshooting, research, or opinion questions.
ask a question
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
ASKER
Jorge Gutierrez

To simplify things I eliminated the Load Balancer temporarily. So I went Public(sonic)68.x.x.x  Nat directly  to Building B weserver 192.168.1.x. Web server still does not reply. I tried this before getting into SNAT or Spoofing. The server ob the VPN is not attached to the LB to avoid having to use the F5 as a gateway.
SOLUTION
Log in to continue reading
Log In
Sign up - Free for 7 days
Get an unlimited membership to EE for less than $4 a week.
Unlimited question asking, solutions, articles and more.
I started with Experts Exchange in 2004 and it's been a mainstay of my professional computing life since. It helped me launch a career as a programmer / Oracle data analyst
William Peck