VMs with floating IP are not reachable from remote site via VPN Service

asked 2018-05-21 05:20:42 -0500

Luca Maranzano

Hi all,
we have a simple network topology like this:

  1. Internal Net: 10.0.0.0/24
  2. External Net with some Public IP Address available
  3. Router with 1 Public IP and 10.0.0.1 on the internal net NIC
  4. VPN Service associated to the above Router and an IPSec tunnel with one remote network

The VPN Tunnel is working fine, and from the remote site we can ping the 10.0.0.1 internal router interface.

The problem is that if we enable a Floating IP on one of the VMs (to make it reachable from the Internet on some ports), the same machine is no longer reachable from the VPN tunnel; if we remove the Floating IP, the connection via VPN is OK.

It seems that when the Floating IP is enabled, the Virtual Router will not correctly route the remote private LAN into the tunnel.

Is this a known issue, or is there something wrong in our setup? Maybe a missing security policy configuration?

Thanks in advance.
Best regards,
Luca
