IPSEC tunnel between two sites not working as it should
-
For about two years now I have a site-to-site IPSEC tunnel between my main site and backup site.
Recently I've started with network segmentation (vlans) on my main site (A). After a few months of running stable on site A I've decided to also implement this on my backup site (B).After adjusting the IPSEC with a new phase 2 that allows from site A 192.0.0.0/18 towards site B 192.0.64.0/18 it seems that the tunnel isn't working as it should.
I can RDP, VNC towards the servers on site B, and from site B towards the servers of site A. But when I try to access let's say the webinterface of the switches on site B I'm hitting and blank pages and receive timeouts in putty while I'm SSH'ed into the switch.
Or I see DNS issues for my AD (MS server 2016) and replication acting very strangely.
Pings work within normal delays +- 20ms.
The set up is a follows
Site A and site B-
LAG with vlans
-
Interfaces assigned to LAG with corresponding vlan
-
Network settings set (e.g. interface address static)
-
FW rules set to basic any-any, same goes for IPSEC
-- removed images for privacy --
The switches are set (to my knowledge) correctly and have inter-vlan capability.
And it all worked before I implemented VLANs on site B. I'm feeling I'm overlooking something and it's driving me nuts.
If someone encountered something similar or has some pointers they are really appreciated :)
-
-
Issue resolved!
Believe it or not it was a f****** reboot that solved it...
Probably the firewall still had some old caches or something still in it's memory...