OpenVPN to IPSec



  • Hi, sorry, if my question already exists, but i really didn´t find any solution.

    There is an IPSec-VPN between our office (192.168.123.0) and our production-server-environment (192.168.234.0). There is an OpenVPN-Service in our office for our home-workers, too, which will use range 10.1.1.0 for the clients. Is it somehow possible, after connecting to 192.168.123.0 via OpenVPN to access network 192.168.234.0, too? This worked with PPTP but we don´t use it any longer.
    Thx for answers

    Unti



  • Hi,

    This should be very easy, I have a similar constellation.
    You only need another phase 2 entry on your IPsec tunnel (the site where your OpenVPN-Service is running) and another phase 2 entry on the other IPsec endpoint device (where your production-server-environment is running).
    If not configured, you also need another route in your OpenVPN server config (push "route 192.168.234.0 SUBNETMASK").

    Nothing more should be required.

    EDIT:

    Sorry, I forgot to mention you need to put the 10.1.1.0 network as local subnet in your new phase 2 entry.



  • Hi,

    thx for your answer. Do i have to put 10.1.1.0 in both new phase2 entries? And should these 2 entries look identically?



  • did you get tgis to work? im doing it slightly different. got A <ipsec>B <openvpn pki="">C and trying to access A from C. Added the P2 on A and B and pushed the routes on C and still can't get this to work. If you do let me know.
    Thanks</openvpn></ipsec>


Log in to reply