chained ipsec tunnels and routing issues
-
Hello here,
I'm trying to build a rather complex setup which chains multiple IPsec tunnels.
To put it simply, here is the setup:
network1==>pfsense(ipsec)<==>pfsense(ipsec)<==network2==>strongswan(ipsec)==>network3
network1: 192.168.10.0/24
network2: 192.168.0.0/24
network3: 172.19.0.0/16
From network1 and network3 I can access network2 no problem,
but I can't access network3 from network1 and vice versa.
Any clues on how to fix that?
Thanks a lot for your help folks :)
Cheers,
-
Every step needs P2 entries for every possible combination of traffic.
- On both sides of the tunnel from 1<->2, it needs P2s for 1-2 and 1-3.
- On both sides of the tunnel from 2<->3, it needs P2s for 2-3 and 1-3.
Expanded a bit:
Site 1 tunnel 1<->2 has P2s:
- Local 1 / Remote 2
- Local 1 / Remote 3
Site 2 tunnel 2<->1 has P2s:
- Local 2 / Remote 1
- Local 3 / Remote 1
Site 2 tunnel 2<->3 has P2s:
- Local 2 / Remote 3
- Local 1 / Remote 3
Site 3 tunnel 3<->2 has P2s:
- Local 3 / Remote 2
- Local 3 / Remote 1
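The rule in the reply above, worked through for the subnets in the question (an added example, not part of the original thread): it generalizes the listing to a linear chain of any length and reports which P2 pairs a given configuration lacks. The function names and the `DIRECT_ONLY` sample configuration are assumptions made for illustration.

```python
from ipaddress import ip_network

# Subnets from the question, in chain order (site 1 - site 2 - site 3).
CHAIN = [
    ("network1", ip_network("192.168.10.0/24")),
    ("network2", ip_network("192.168.0.0/24")),
    ("network3", ip_network("172.19.0.0/16")),
]


def required_p2s(chain):
    """Return {(site, peer): [(local, remote), ...]} for a linear chain.

    On the tunnel between chain[i] and chain[i+1], every network on the
    near side must be paired with every network on the far side.
    """
    plan = {}
    for i in range(len(chain) - 1):
        left = [net for _, net in chain[: i + 1]]
        right = [net for _, net in chain[i + 1:]]
        a, b = chain[i][0], chain[i + 1][0]
        plan[(a, b)] = [(near, far) for near in left for far in right]
        plan[(b, a)] = [(far, near) for near in left for far in right]
    return plan


def missing_p2s(chain, configured):
    """Return the required (local, remote) pairs absent from `configured`."""
    missing = {}
    for end, pairs in required_p2s(chain).items():
        gap = [p for p in pairs if p not in configured.get(end, [])]
        if gap:
            missing[end] = gap
    return missing


# Constructed sample: only direct-neighbour P2s on each tunnel endpoint
# (an assumed starting point; the thread does not show the real config).
_n = dict(CHAIN)
DIRECT_ONLY = {
    (a, b): [(_n[a], _n[b])]
    for a, b in [("network1", "network2"), ("network2", "network1"),
                 ("network2", "network3"), ("network3", "network2")]
}

if __name__ == "__main__":
    for (site, peer), pairs in missing_p2s(CHAIN, DIRECT_ONLY).items():
        for local, remote in pairs:
            print(f"{site} tunnel to {peer}: add local {local} / remote {remote}")
```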