Routing Problem?

[Davetoo]

I have a remote site that can't reach certain destinations across our network, and hopefully someone can point out the problem and a fix.

First, the network layout: Field office is connected to our Watchguard via an IPsec VPN tunnel. The Field office is behind a LinkSys BEFVP41 using a 10.224.0.0/24 subnet. The IPsec tunnel is configured with routing of 10.0.0.0/8->10.224.0.0/24. All of our networks are 10.x, and the Field office can "see" all of them just fine.

The problem is with a VPN connection we have going oversees through a PIX 506R. The PIX sits on the Optional Interface with a 10.32.0.2/16 subnet between the Watchguard and the PIX.

The Field office can not "see" our oversees Intranet, which is available via the PIX VPN.

I'm not good when it comes to routing, so I'm not sure even where to start looking for the solution. Any ideas?

Thanks.

I'm Certifiable, not certified.
It just means my answers are from experience, not a book.

 

[Alltimed]

Can the Trusted communicate with the optional at all? You may need a service to allow trusted-optional to communicate.

 

[Davetoo]

Yes, the trusted communicates with optional just fine from everywhere except the Field Office (which is connected through the IPsec through the Branch Office feature in the firewall).

I'm Certifiable, not certified.
It just means my answers are from experience, not a book.

 

[Frankenherder]

Check your NAT setup, you may need to add the subnet range.
This is under your policy, setup, NAT.


Matt