routing between two different point-to-point VPNs

[sstoppel]

I have two separate point-to-point VPNs. Site A is a satellite office, site B hosts some web servers. Site A cannot access services in site B.

The networks do not overlap. I have firewall rules allowing each to see any service in the other. The VPN config shows that the route to Site A appears as a VPN network to site B and vice-versa.

I have a continuous ping coming from A to B. On my main office sonicwall I can see in the logs "ICMP packet dropped due to policy" but can't find any other useful information, nor any policy or rule preventing it from being relayed on.

Any suggestions?

 

[NetworkTek]

I noticed you said site A cannot talk to site B. Can site B talk to site A??? Do you have IPS enabled? It sounds like an IPS policy is blocking traffic.

Network+
Inet+
MCP
MCSA 2003
MCTS

 

[sstoppel]

Argh, turns out I had one side set to the LAN zone instead of VPN zone.

 

[NetworkTek]

That will do it.

Network+
Inet+
MCP
MCSA 2003
MCTS