I have set firewall rules to allow 192.168.71.0/24 And 10.1.2.0/24. Still no Internet without split tunneling over vpn.
Jeremy Sent from my Verizon Wireless 4G LTE smartphone -------- Original message -------- From: Jeremy Peterson <[email protected]> Date: 8/29/2015 10:00 AM (GMT-06:00) To: [email protected] Subject: VPC VPN Connectivity Issues I am not sure if this was asked or answered but googling has led me no where. I am running cloudstack 4.5.0, XenServer 6.5, Advanced networking w/ VLAN segmentation. I have a VPC setup which i am using a IPSec tunnel back to a zywall firewall and a monowall firewall. Monowall Cloustack VPC zywall 192.168.1.0/24 192.168.2.0/24 192.168.71.0/24 Tunnels are setup in vpc for both locations and servers in cloudstack can connect to the world and connect to the monowall and zywall networks. Everything is fine with that but when I have a remote user that needs to VPN into the cloudstack VPC is where i am thrown into a whirlwind of questions. I setup a VPN connection on the VR for the VPC. I setup username/password. The user sets up the connection on his Mac OSX and using split tunnel can connect to the VPN. My VPN network is 10.1.2.0/24 He receives a 10.1.2.3 ip address. He is unable to ping the IPSec Tunnel gateways 192.168.1.1 and 192.168.71.1. He can get to the world as his default gateway is his router. I switched to push all traffic over the VPN to remove the split tunnel. He is able to ping the 10.1.2.1 gateway on the VR He is able to ping his gateway the VPC router 10.1.2.1. He is able to ping the VPC network's gateway 192.168.2.1 He is unable to get to the world. I try to ping google dns 8.8.8.8 and it doesnt' get past the VR 10.1.2.1 in traceroutes. I am looking for help on this as i'm confused. If I change him back to a split tunnel as that would be prefered why is the tunnel not annoucing all networks know to the VR. I was able to recreate this issue on windows 8.1. ?Jeremy
