I currently have an SRA 4600 configured in tandem in one-armed mode on an interface of an NSA-3500. The purpose is for remote users to connect to a single internal IP address. Everything has been working so far, where I create a user on the SRA, download Mobile Connect on a client, put in the IP address, uname and password, and everything works fine. The client connects to my internal network (configured on the SRA for access to a single IP and port - for my specific purpose).
Now, I need to be able to connect from a machine on my internal network to one of the remote machines through the SSL-VPN tunnel that is already established.
From the SRA, I’m able to ping the remote machine’s IP (that makes total sense since it’s connected), and also the IP address of the machine on the LAN (on a different subnet - through the NSA 3500) from where I want to initiate the traffic.
I’ve tried numerous configurations and have had no success thus far pinging the remote machine from the LAN. I thought for sure that I needed a new route added to the NSA 3500… but what I added didn’t work.
I’m not sure if it is a zone issue, firewall issue, interface issue, etc. What I currently have is:
X0 - LAN 192.168.179.1/255.255.252.0
X5 - SRA 192.168.200.2/255.255.255.0
LAN Trusted X0,X2 (X2 is a different interface for a MAN connection)
SRA Public X5
[Source] Any [Destination] X5 Subnet (192.168.200.0) [Service] Any [Gateway] 0.0.0.0 [Interface] X5
Thanks in advance for any suggestions….