08-08-2011 03:25 AM
I have set up a site-to-site VPN between 2 SSGs and the tunnel is established. From the logging, the traffic from SSG A is passing through the tunnel, but at SSG B there is no incoming traffic from SSG A. The same thing happens from SSG B to SSG A. Can anyone help?
08-23-2011 10:39 AM
Are you saying traffic is not passing through, or traffic is traversing the tunnel but you are not logging any traffic? The most common issue I've seen is not using the correct zones. If you are using a route-based VPN, confirm the tunnel interface is in the correct zone. By default, when creating a tunnel interface, it places the interface in the TRUST zone, so your policy will be TRUST > TRUST, which is allowed by default (IntraZone policy), and if you're logging from UNTRUST > TRUST and vice versa, you will not see traffic match because the tunnel interface is not in the UNTRUST zone.
If that's not it, provide some additional details about the configuration and if possible, post your configuration (specific to the VPNs).
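The zone check described in the reply above can be run against a saved configuration. This is an added example, not part of the original thread: the config lines are a constructed sample in the style of ScreenOS `get config` output, and the interface names, VPN name and policy IDs are assumptions.

```python
import re

# Constructed sample in the style of ScreenOS "get config" output (assumed names).
SAMPLE_CONFIG = """
set interface "ethernet0/0" zone "Trust"
set interface "ethernet0/2" zone "Untrust"
set interface "tunnel.1" zone "Trust"
set vpn "to-ssg-b" bind interface tunnel.1
set policy id 1 from "Trust" to "Untrust" "Any" "Any" "ANY" permit log
set policy id 2 from "Untrust" to "Trust" "Any" "Any" "ANY" permit log
"""

IFACE_RE = re.compile(r'^set interface "?([\w./]+)"? zone "([^"]+)"')
POLICY_RE = re.compile(r'^set policy id (\d+) from "([^"]+)" to "([^"]+)"\s+(.*)$')


def parse(config):
    """Return ({interface: zone}, [policy dicts]) from config text."""
    zones, policies = {}, []
    for line in map(str.strip, config.splitlines()):
        if m := IFACE_RE.match(line):
            zones[m.group(1)] = m.group(2)
        elif m := POLICY_RE.match(line):
            policies.append({"id": int(m.group(1)), "from": m.group(2),
                             "to": m.group(3), "log": "log" in m.group(4).split()})
    return zones, policies


def check_tunnels(config, lan_iface):
    """For each tunnel interface, report the zone pair its traffic is matched on."""
    zones, policies = parse(config)
    lan_zone = zones[lan_iface]
    report = []
    for iface, tunnel_zone in sorted(zones.items()):
        if not iface.startswith("tunnel."):
            continue
        # Policies are looked up by (source zone, destination zone) in each direction.
        pairs = {(lan_zone, tunnel_zone), (tunnel_zone, lan_zone)}
        logged = sorted(p["id"] for p in policies
                        if p["log"] and (p["from"], p["to"]) in pairs)
        report.append({"tunnel": iface, "zone": tunnel_zone,
                       "intrazone": tunnel_zone == lan_zone,
                       "logging_policies": logged})
    return report


if __name__ == "__main__":
    for row in check_tunnels(SAMPLE_CONFIG, "ethernet0/0"):
        print(row)
```

A row with `intrazone` true and an empty `logging_policies` list is the situation the reply describes: the tunnel traffic is matched on TRUST > TRUST, so the logged UNTRUST policies never see it.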