L3 site-to-site one-way communication
Posted: Fri Apr 12, 2024 2:19 am
Dear friends,
I am a novice with SoftEther, and after reading the manual and browsing forums, I have set up communication between two sites using an L3 virtual switch and cascading.
Site 1 - BJ (Main Site)
Server IP: 172.17.3.107/24
Gateway/L3 virtual interface: 172.17.3.252
Site 2 - SH (Branch)
Server IP: 192.168.11.50/24
Gateway/L3 virtual interface: 192.168.11.252
I then set up interconnectivity between the two sites using a Windows PC, adding routes on each test machine.
Currently, communication between the two sites is good, but now I want to achieve one-way communication, where 192.168.11.0/24 can access 172.17.3.0/24, but not vice versa.
I tried configuring the virtual hub's access list management by adding 'discard' rules and 'pass' rules, where the 'pass' rules have higher priority than the 'discard' rules. I set it up like this:
- 'Pass' rule: Source IP address 192.168.11.0, Subnet mask 255.255.255.0, Destination IP address 172.17.3.0, Subnet mask 255.255.255.0
- 'Discard' rule: Opposite of the above pass rule
However, as soon as I enable the 'discard' rule, communication between BJ and SH stops. What should I do?
Thank you in advance.
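The rule pair described in the post, modeled as an added example (not part of the original post and not SoftEther code) to show which packets of a TCP handshake each rule decides. It assumes the access list is a per-packet, first-match filter with no connection tracking, that a lower priority number is evaluated first, and that unmatched packets pass; the `tcp_state` field and all function names are hypothetical.

```python
import ipaddress
from dataclasses import dataclass

BJ = ipaddress.ip_network("172.17.3.0/24")    # main site (from the post)
SH = ipaddress.ip_network("192.168.11.0/24")  # branch (from the post)

@dataclass
class Rule:
    priority: int            # assumption: lower number is evaluated first
    action: str              # "pass" or "discard"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    tcp_state: str = "any"   # hypothetical: "any" or "unestablished" (SYN without ACK)

def evaluate(rules, src, dst, flags):
    """Judge one packet on its own; no memory of earlier packets."""
    opening = "SYN" in flags and "ACK" not in flags
    for r in sorted(rules, key=lambda r: r.priority):
        if ipaddress.ip_address(src) not in r.src:
            continue
        if ipaddress.ip_address(dst) not in r.dst:
            continue
        if r.tcp_state == "unestablished" and not opening:
            continue
        return r.action
    return "pass"            # assumption: no matching rule means pass

def handshake(rules, client, server):
    """Verdicts for the SYN, SYN-ACK and ACK of one connection attempt."""
    return [evaluate(rules, client, server, {"SYN"}),
            evaluate(rules, server, client, {"SYN", "ACK"}),
            evaluate(rules, client, server, {"ACK"})]

# Rules as described in the post: pass SH -> BJ, discard BJ -> SH.
AS_POSTED = [Rule(100, "pass", SH, BJ), Rule(200, "discard", BJ, SH)]
# Variant: discard only BJ -> SH packets that open a new TCP connection.
STATE_AWARE = [Rule(100, "pass", SH, BJ),
               Rule(200, "discard", BJ, SH, "unestablished")]

if __name__ == "__main__":
    sh_host, bj_host = "192.168.11.50", "172.17.3.107"
    print("as posted,   SH -> BJ:", handshake(AS_POSTED, sh_host, bj_host))
    print("state-aware, SH -> BJ:", handshake(STATE_AWARE, sh_host, bj_host))
    print("state-aware, BJ -> SH:", handshake(STATE_AWARE, bj_host, sh_host))
```

With the rules as posted, the SYN-ACK returning from 172.17.3.0/24 matches the discard rule, so connections opened from 192.168.11.0/24 never complete. The model covers TCP only; ICMP and UDP carry no connection flags and need their own rules.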