Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    IPSEC between 3 sites with no direct tunnel from A to C

    Scheduled Pinned Locked Moved IPsec
    3 Posts 2 Posters 339 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      ravmeister21
      last edited by ravmeister21

      I need some help to shed me some lights over an IPsec tunneling. Here I will explain on my current setup.

      Site A <-------IPSEC------> Site B (HUB) <------IPSEC------> Site C 192.168.10.1/24 192.168.20.1/24 192.168.30.1/24

      Tunneling from Site A to Site B & Site B to Site C are working fine. However Site A is not able to reach Site C directly and vice versa. And I also want for site A to carry site B LAN IP to communicate with site C.

      On Site A the phase 2 entry: Local: LAN Subnet Nat / Binat: None Remote: Network (192.168.20.1/24)

      On Site C the phase 2 entry: Local: LAN Subnet Nat / Binat: None Remote: Network (192.168.20.1/24)

      On Site B there are 2 IPSec Tunnels:

      Site A Phase 2 entry: Local: LAN Subnet Nat: None Remote: Network (192.168.10.1/24)

      Site C Phase 2 entry: Local: LAN Subnet Nat: None Remote: Networ (192.168.30.1/24)

      Kindly let me know if you may require any other information. Thank you in advance.

      1 Reply Last reply Reply Quote 0
      • T
        Thale
        last edited by

        I would think at a minimum you would need to enter some routing rules in sites A & C. In site A, route traffic for 192.168.30.0 to site B. On site C do the opposite.

        1 Reply Last reply Reply Quote 0
        • T
          Thale
          last edited by

          Also see this post, it is very similar to what you're trying to do and the OP lays out his solution nicely.
          https://forum.netgate.com/topic/143368/route-traffic-between-two-ipsec-tunnels/6

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.