Routing – VPN Tunnel Only Passing Traffic One Way – Adtran to Sonicwall

routing sonicwall vpn

I have an Adtran NetVanta 3448 and a SonicWall NSA 3500 that at long last I have established a site-to-site IKE/IPSec VPN connection over. The tunnel shows as up from both ends.

From Site A (SonicWall), I can contact Site B (Adtran). I can NOT contact Site A from Site B. Here's a quick look at how I'm set up:

  • Site A – 10.0.0.0 / 255.255.0.0 (LAN) –> X.X.131.90 (WAN)
  • Site B – 10.10.0.0 / 255.255.0.0 (LAN) –> X.X.58.218 (WAN)

Upon running a packet inspection from the SonicWall (Site A), it is showing that the packets from X.X.58.218 (Site B WAN) are being CONSUMED rather than FORWARDED.

Can anyone help to point me in the right direction on what might be causing traffic to only flow one way?

Best Answer

This depends on the firewall rules you have. So, on the SonicWall, if you enable source 10.0.0.0/24 to communicate with 10.10.0.0/24, but on the Adtran you didn't allow the same, the traffic will drop on the Adtran. But if the traffic is allowed on the Adtran, then it will pass and the response will pass as well. This has to work both ways.

If the source is 10.10.0.0/24, then on both firewalls, you have to allow source 10.10.0.0/24 to communicate with 10.0.0.0/24.
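An added example, not part of the original answer: a small Python audit that checks whether both firewalls permit each direction of the tunnel, using the two /16 LANs from the question. The rule sets are constructed for illustration, and the simple (source, destination) rule model is an assumption, not either vendor's configuration format.

```python
import ipaddress

# LANs from the question (both are 255.255.0.0, i.e. /16).
SITE_A = ipaddress.ip_network("10.0.0.0/16")   # SonicWall side
SITE_B = ipaddress.ip_network("10.10.0.0/16")  # Adtran side

# Constructed rule sets (not taken from either device): the (source,
# destination) pairs each firewall permits across the tunnel.
RULES = {
    "sonicwall": [("10.0.0.0/16", "10.10.0.0/16")],
    "adtran": [("10.0.0.0/16", "10.10.0.0/16"),
               ("10.10.0.0/24", "10.0.0.0/16")],  # mask narrower than the LAN
}

def permits(rules, src, dst):
    """True if a single rule covers the whole src and dst networks."""
    for rule_src, rule_dst in rules:
        if (src.subnet_of(ipaddress.ip_network(rule_src))
                and dst.subnet_of(ipaddress.ip_network(rule_dst))):
            return True
    return False

def audit(rules_by_device):
    """Return {direction: [devices lacking a covering rule]}."""
    directions = {"A->B": (SITE_A, SITE_B), "B->A": (SITE_B, SITE_A)}
    return {
        name: [dev for dev, rules in rules_by_device.items()
               if not permits(rules, src, dst)]
        for name, (src, dst) in directions.items()
    }

if __name__ == "__main__":
    for direction, missing in audit(RULES).items():
        status = "ok" if not missing else "blocked on " + ", ".join(missing)
        print(f"{direction}: {status}")
```

With these constructed rules, traffic initiated from Site A is permitted on both devices, while traffic initiated from Site B lacks a covering rule on both: the SonicWall has no rule for that direction, and the Adtran rule's /24 source does not cover the /16 LAN.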