Site to Site non-meraki VPN. I can ping them but they can't ping me.
We have set up a non-meraki site to site VPN. The status of the VPN shows green. And from the MX dashboard I can ping their router. But they cannot ping the MX on their side.
Any Ideas? Would AMP and intrusion Prevention be the cause?
Also I had them set the MX as the next hop IP for all traffic on their VPN subnet. The reason being is the User is in Switzerland and wants to Use the VPN so he can have an American IP to use for services like Hulu and netflix ...ect.
The router I'm told they have is a Sophos Red. If anyone is familiar with this router I'd appreciate a little help in directing the Swiss team on what settings they need to be looking at.
Re: Site to Site non-meraki VPN. I can ping them but they can't ping me.
Hi @trunolimit also check your firewall settings on the MX under Security & SD-WAN > Configure > Firewall and there is a section for "Security Appliance Services" where you should be able to specify the remote IPs allowed for ICMP.