icmp from lan to ikev2 muvpn client
hello,
i have a any-any filter with logging on icmp
icmp from lan to sslvpn client is ok and shows up like
Allow 192.168.22.22 192.168.113.7 echo-request/icmp Trusted tun0 Allowed 60 127 (Ping-00) proc_id="firewall" rc="100" msg_id="3000-0148" type="8" dst_user="xxx@xxx" Traffic
icmp from lan to ikev2 muvpn client shows up like
Allow 192.168.22.22 192.168.114.3 echo-request/icmp Trusted External Allowed 60 127 (Ping-00) proc_id="firewall" rc="100" msg_id="3000-0148" src_ip_nat="x.x.x.x" type="8" dst_user="xxx@xxx" Traffic
so the firewall is going to nat from die external ip instead of routing
any ideas ?
0
Sign In to comment.
Comments
disable DNAT setting in your “ICMP From Lan to IKEv2” policy
check: https://community.watchguard.com/watchguard-community/discussion/comment/4017