Routing to IPSec addresses…
-
So, I have an IPSec VPN setup and things are working fine. I have just one problem: when I remote in via OpenVPN, the OpenVPN session can't route to the IPSec network. I can only guess that this module can't route traffic to the IPSec network. How do I add manual routes to this network to fix these issues?
-
Step 1: push a route to the OpenVPN clients for the network on the other side of the IPsec tunnel
Step 2: Add a new phase 2 to your IPsec tunnel that covers traffic from the OpenVPN subnet to the remote IPsec subnet.If you have the right route in OpenVPN and the Phase 2 in IPsec, it works fine.
-
Does that phase 2 have to exist on the other side as well?
-
Yes. IPsec always has to match up on both ends.