Site to Site with routing of traffic to extra VPN router
-
Hello
I have a setup with an IPsec site-to-site <Site A 10.11.0.0/24> <Site B 10.11.1.0/24> and this works flawlessly. Now I need to route some specific traffic in both sites to a new gateway that creates a VPN tunnel to a center, and they don't want to involve my routers. This is placed on 10.11.0.3. I put in the static routing on site A and on site B, and on site A the routing works, but doing a trace from site B shows that it goes straight out on the internet. I'm guessing I have done something wrong, I just don't know what. Something I noticed is that in Site B under "Diagnostics > Routes" the route turns up with 10.11.1.0.3.
![IPSEC tunnels.png](/public/imported_attachments/1/IPSEC tunnels.png)
-
Is there anyone who knows how to do this? If there is some additional information needed that could help understanding my setup then ask away.
-
Can you post screenshots of the routing pages in Sites A and B?
-
In the end I decided to leave IPsec and use OpenVPN instead. I just forgot to close the thread.
-
The answer for me would be to do a route add command on pfSense and tell it where to route the traffic, and point it to the new gateway. Sorry for the late reply.
-
With OpenVPN yes.
But this doesn't really work with IPSEC.
-
Routing over an ipsec tunnel won't work.
What you can do is make an IPsec tunnel in transport mode and put a GRE tunnel on top, then you can route whatever you want.