Hi All
I am attempting to setup a L2l between our main office and branch office we already have a L2L setup on the primary wan IP and this is working fine.
We need to add a secondary network to be able to get to this site over the L2L when working off of our SSL VPN client from our main firewall.
We added the second networks to the existing tunnel at both ends (ticking the require seperate phase 2 pa) and the tunnel did come up however when we used the SSL vpn client it disconnected the primary L2L if you pinged to a remote resource, then if you ping again from the primary lan it brings back the primary L2L tunnel and cuts off the secondary SSL VPN client tunnel, all attempts at fixing it have failed.
we therefore decided to get a secondary external WAN IP add that as an alias to the draytek and setup a completely seperate tunnel to get around the issue.
We now cannot establish this tunnel, my guess is that the actual L2L is sending out over the WAN primary address instead of the secondary alias address however there does not seem to be an option on the draytek to do this the only option is WAN2.
I could add the secondary wan ip alias to the ip pool however I believe it is random in how it does sends out the data which will be no use for VPN.
I have tried setting the secondary Wan ip alias in the L2L settings for my wan ip which I thought may override it but the tunnel seems to start and then just die.
settings checked both ends for phase and encryption so at a loss as to what to do next.
the firewall at the main office end is a watchguard and is new to us.
any help is appreciated.
Lee
