alexpe  Freshman Member

Thanks Peter for your help. I'll wait for Emily's reply.

Good afternoon Peter, I do not understand what you tell me. In your comment yesterday you indicated that they were firewall rules now local policies. In my remote access configuration I only have a local policy option. I leave you a picture. I don't understand where I have to add all the local and remote policy that you…

I have tried to configure it as you indicate and I am sorry to tell you that it does not work for me. If I configure a rule in the firewall it doesn't work and by putting the remote access in the same subnet as in the site to site the site to site tunnel fails. I don't know what to do with this anymore. Any other ideas to…

I made a diagram in case it helps Could you explain what you mean by is policy control rule from VPN zone to site to site zone?

my remote access is set to 192.168.50.x

I do not understand what you mean. When connecting through my remote access I need to be able to access the other three subnets of the site-to-site tunnels: 192.168.0.x 192.168.69.x and 192.168.64.x But I don't know what kind of routing rule to configure for it.

I do not understand what you mean. When connecting through my remote access I need to be able to access the other three subnets of the site-to-site tunnels: 192.168.0.x 192.168.69.x and 192.168.64.x But I don't know what kind of routing rule to configure for it.

I do not understand what you mean. When connecting through my remote access I need to be able to access the other three subnets of the site-to-site tunnels: 192.168.0.x 192.168.69.x and 192.168.64.x But I don't know what kind of routing rule to configure for it.

from the remote access 192.168.50.x I need to be able to access the three subnets: 192.168.0.x 192.168.69.x and 192.168.0.64

Exactly, I want those who connect to the remote access function to be able to access the site-to-site tunnels. The subnets are from the other tunnels I have site-to-site from my office's lan1_subnet. Two of them make a next-hop for having SNAT configuration.

Exactly, I want those who connect to the remote access function to be able to access the site-to-site tunnels. The subnets are from the other tunnels I have site-to-site from my office's lan1_subnet. Two of them make a next-hop for having SNAT configuration.

I have tried what you mentioned but it still doesn't work for me. I think the problem is in local policy What would be the correct one?

Thank you very much for your comments. I think I have not explained myself well with my problem. I have created an access to my office through L2TP tunnel I can access my office subnet without problem. In my office there are another 3 site-to-site tunnels configured with three different subnets. In those 3 subnets I have…

I do not understand what you mean. I have three subnets within the same lan. I need the L2TP tunnel over IPsec to be able to reach these three subnets.

other question, Is it possible to update the firmware by SSH to correct the problem?