Route specific IP Range via IPSEC VPN.



  • Hi

    I'm trying to work out how to route some traffic.

    I have an IPSEC VPN to a remote office. Traffic to and from the remote site is fine.

    Local IP - 192.168.16.0/24
    Remote Office IP - 192.168.19.0/24

    From the remote office is a VPN to a hosted data centre.
    Host IP - 10.0.0.0/24

    From my PC I can ping anything on the 192.168.19.0/24 network, but not on the 10.0.0.0/24 network.
    If I SSH to a device on 192.168.19.2 I can then ping 10.0.0.1

    From my PC, if I traceroute 10.0.0.1 I see that it attempts to route out via my broadband connection, so I assume I need to add a route to say any 10.0.0.0/24 traffic should route via the IPSEC VPN.

    Can someone advise how I do this?
    Thanks


  • Netgate Administrator

    You need to add Phase 2 entries to cover the traffic between 192.168.16.X and 10.0.0.X. Those need to be on both tunnels.

    Steve
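
The answer above, worked through as an added example (not part of the original thread and not firewall configuration code): a small Python model of policy-based IPsec selector matching, showing why 192.168.16.X to 10.0.0.X traffic misses both tunnels until the extra Phase 2 entry exists on each. The "before" selector sets, the tunnel labels and the host address 192.168.16.10 are assumptions constructed from the subnets in the question.

```python
from ipaddress import ip_address, ip_network

# Subnets from the thread; the variable names are assumptions for this example.
LOCAL = ip_network("192.168.16.0/24")
REMOTE = ip_network("192.168.19.0/24")
HOSTED = ip_network("10.0.0.0/24")

# Each tunnel is described from its near end as (local, remote) selector pairs.
# Assumed "before" state: each tunnel only covers its two directly attached LANs.
BEFORE = {
    "local<->remote": [(LOCAL, REMOTE)],
    "remote<->hosted": [(REMOTE, HOSTED)],
}
# "After" state: the 192.168.16.0/24 <-> 10.0.0.0/24 entry added on both tunnels.
AFTER = {
    "local<->remote": [(LOCAL, REMOTE), (LOCAL, HOSTED)],
    "remote<->hosted": [(REMOTE, HOSTED), (LOCAL, HOSTED)],
}

def mirrored(selectors):
    """Selectors the far end must carry: the same pairs with the sides swapped."""
    return [(rem, loc) for loc, rem in selectors]

def tunnel_accepts(selectors, src, dst):
    """True if a packet src -> dst matches one Phase 2 selector pair."""
    s, d = ip_address(src), ip_address(dst)
    return any(s in loc and d in rem for loc, rem in selectors)

def path_status(config, src, dst):
    """For local-to-hosted traffic, which crosses both tunnels, report per
    tunnel whether the request and the reply both match a selector."""
    status = {}
    for name, selectors in config.items():
        request_ok = tunnel_accepts(selectors, src, dst)
        reply_ok = tunnel_accepts(mirrored(selectors), dst, src)
        status[name] = request_ok and reply_ok
    return status

if __name__ == "__main__":
    for label, cfg in (("before", BEFORE), ("after", AFTER)):
        # 192.168.16.10 is a constructed sample host on the local LAN.
        print(label, path_status(cfg, "192.168.16.10", "10.0.0.1"))
```

In the "before" state neither tunnel matches, so the packet follows the default route, which is the broadband hop seen in the traceroute.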