Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPSec question…

    IPsec
    4
    7
    4.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      NoDoze
      last edited by

      Office A is the HQ office.
      Office B is a satellite office
      Office C is a satellite office

      Both offices B and C have IPSec tunnels connecting to office A.
      Files, folders, IP phones all connect ok to office A and vise versa.

      However then trying to send/recieve files/folders/IP phone from office B to office C or vise versa, this doesn't work.
      Only communications through office A work, when communicating from office B to C, they don't work.

      My question is, why is this?

      Have I input an incorrect DNS or Gateway IP?
      Is there additional settings I have to implement?

      Thanks for any info you could share, much appreciated.

      1 Reply Last reply Reply Quote 0
      • E
        EmL
        last edited by

        you have to "supernet" it with a bigger subnet mask in IPSec settings which contains all 3 Subnets! Routing across Tunnels ist not possible with 1.2 …

        EmL

        1 Reply Last reply Reply Quote 0
        • N
          NoDoze
          last edited by

          you have to "supernet" it with a bigger subnet mask in IPSec settings which contains all 3 Subnets!

          …could I get a translation on that please...? Thanks.

          I'm guessing that means, no?

          1 Reply Last reply Reply Quote 0
          • dotdashD
            dotdash
            last edited by

            Why not just make tunnels from B to C and C to B?

            1 Reply Last reply Reply Quote 0
            • N
              NoDoze
              last edited by

              hehe…that was my example... the reality is that it's actually one HQ office, and 4 field offices...

              ...would creating tunnels between ALL these field offices work?

              ...that would be 20 tunnels! Sheeesh LOL....

              1 Reply Last reply Reply Quote 0
              • E
                EmL
                last edited by

                @NoDoze:

                …could I get a translation on that please...? Thanks.

                I'm guessing that means, no?

                Net A = 192.168.0.0 /24
                Net B = 192.168.1.0 /24
                Net C = 192.168.2.0 /24

                Subnet  in IPSec settings
                192.168.0.0 /22
                (= 192.168.0.0 / 255.255.252.0)
                (= 192.168.0.1 - 192.168.3.254)

                EmL

                1 Reply Last reply Reply Quote 0
                • J
                  jcpolo
                  last edited by

                  I assume this work work with the following solution to as the remote branches are all a "class c" subnet correct? and just creating a "class b" subnet on the HQ location would allow traffic to pass between the remote sites?

                  A 192.168.0.0/22 HQ
                  B 192.168.2.0/24 Remote
                  C 192.168.3.0/24 Remote
                  D 192.168.4.0/24 Remote
                  E 192.168.5.0/24 Remote
                  F 192.168.6.0/24 Remote
                  G 192.168.7.0/24 Remote
                  H 192.168.8.0/24 Remote
                  J 192.168.9.0/24 Remote

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.