Client access VPN can't access site-to-site VPN resources

SOLVED
New here

I have a site-to-site VPN configured between MX and Amazon AWS. I can access everything in both directions. However, if I am remote and connected to the client access VPN, I can access everything attached to MX, but I can't access anything on AWS. AWS can't ping my remote machine either. I verified all routes are there and firewall is good. Has anyone faced this issue?

1 ACCEPTED SOLUTION

Accepted Solutions
Conversationalist

Re: Client access VPN can't access site-to-site VPN resources

Is the vpn-subnet in the "in VPN" configuration? And is the S2S tunnel configured to include this?
Are there any group policies applied on the traffic?
How does a traceroute behave?
If you do a packet capture on the MX and on the AWS resource, what do you see?
New here

Re: Client access VPN can't access site-to-site VPN resources

First suggestion fixed it. The client VPN subnet was not enabled for the VPN.