Hi

I'm currently using a watchguard x5500 connecting to a vigor 2800g. I have the vpn setup and working correctly (gain access to network resources ok) but any http traffic to external sites (www.google.co.uk) doesn't seem to work when clicking "change default route to this VPN tunnel"in the Lan to lan setup.

Any ideas why?

we have the same setup with a vigor 2600g and this works fine allowing all traffic through the vpn tunnel.

Hi,

Did you solve this? I am having the same problem between a 2820 and a 3300 where:

2820 - 10.10.12.0/24
3300 - 10.10.10.0/24

I can send traffic destined for those IPs both ways down the IPsec tunnel, from either LAN, but when I check the "change default route to this VPN tunnel" box on the 2820, all traffic other than traffic to 10.10.10.0/24 times out. Unchecking the box allows traffic again. I've been testing this with a persistant PING against an IP address on the Internet that I know replies to ICMP.

There seem to be many threads on this forum about similar problems, but with no concrete answers.

I still haven't managed to solve this.

I have tried everything I can think of including firewall rule changes on the x5500, creating a new tunnel with different ip ranges, factory restets on the router. A list as long as my arm full of ideas but to no avail.

I have been told that there is no difference between the 2600 and 2820 but there must be as I have some 2600 that work fine using the "change default route to this VPN tunnel".

To me it appears that there must be something in the routing on the 2820 that isn't quite working but I can't see what it might be.