Access to web server at site A via access portal at site B

We have access portal running at Site B. We need to extend a webserver at site A thought the access portal at site B. The two sites have a branch office VPN up and running. When the access portal (ie the Firewall at site B) tries to reach the webserver at site A, it routes out through the Intenet connection instead of the BOVPN connection. This is further seen by a simple diagnostic ping from the site B firewall to the site A web server. Is there a way to reach that remote server through the BOVPN?

Comments

  • edited May 2020

    lol... That "site B)" was supposed to be "site B )". Clearly I should preview next time.

  • I expect that this will work if you add the site B external interface IP addr to the BOVPN Tunnel entries at each end.
    Local at site B, Remote at site A.

  • Really?!? Why? I'm trying to figure out how that would work? I'm going to go try that, but I'm just trying to figure out what the logic is.

    I will update. Thx

  • That did work! Not sure I understand why, but THANKS!

  • Just magic ;-)

    The source IP of the packet is the firewall external interface IP addr - so now it will route over the BOVPN.

  • Thanks Bruce

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @JonS

    Bruce got it, the firewall sources from the external IP on a VPN connection if it doesn't own the IP, so adding the tunnel route makes it work.

    You can bounce email from firewall A to B via the same method.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.