IKEv2 trusted application responding to external interface

Hello,
I'm hoping someone can help us. We have recently moved back to WatchGuard Firewall and set up Mobile VPN using the IKEv2 option.
All connections across the VPN work, apart from this one application.
When I watch the logs in Traffic Monitor, the response is returning to the client's private IP address, not the IP address given by the VPN, as below:

I have also set up SSL VPN and I'm getting the same results. I had thought it was a NAT setting, but I feel like I've tried every option and still no joy.
Has anyone experienced this before? What am I missing?
Regards
Alex

Answers

  • james.carson Moderator, WatchGuard Representative

    Hi @Smeg_IT
    Unhandled internal packet suggests that there isn't a rule to handle that traffic.

    I don't know why the client's private IP is showing up -- I'd suggest opening a support case so that our team can look at the logs with you and suggest any changes that might need to happen.

    -James Carson
    WatchGuard Customer Support

  • Hi James
    Thank you for your reply.
    When I created a rule for the outbound traffic it didn't make any difference. The application just times out on the client.
    I already have a support case open, but their answer was that the application server is the problem. But the application server hasn't changed for over 10 years. It works on our current firewall and worked with our previous one (which was WatchGuard). All the configuration appears to be identical.
    This is why I came here to see if anyone had come across the same issue.
    Regards
    Alex

  • Perhaps a packet capture in the application server will indicate what is going on.
