Comments
-
ok, I'm silly :) I'd tried a rule like this, but it didn't work, as I'd forgotten to change the policy order list. Of course it works much better with the rule at the top of the list :D Thanks Bruce!
-
ok, thanks!
-
strange, all my Fireboxes are in fully managed mode...
-
ok thanks, but for the moment it's too complicated for me to use managed BOVPN (especially because of the lack of hairpinning on the ISP box), so I'm going back to manual settings for BOVPN.
-
ok, sorry, I'm stupid :) If I cannot manage the gateway after changing the IP, it's just because of me: I forgot to add a policy to allow 4105, 4117, and 4118 from the internal network to external (no default policy to allow all ports internal -> external in my config, everything must be explicit with a policy), so of course WSM cannot…
-
it's probably because NAT hairpinning is not allowed on my ISP box. Is there no possibility to set, for the gateway, one internal IP for management tasks and one external IP for VPN settings?
-
but if I do that (I already have to do it for "external" Fireboxes, otherwise I can't manage them) for the gateway Firebox, I lose the ability to manage it from WSM... I've tried to play with policies to allow internal management (install WSM without a gateway and configure the gateway manually afterwards), but without success.