4. IPSEC between 3 sites with no direct tunnel from A to C

IPSEC between 3 sites with no direct tunnel from A to C

  • R

    I need some help to shed me some lights over an IPsec tunneling. Here I will explain on my current setup.

    Site A <-------IPSEC------> Site B (HUB) <------IPSEC------> Site C 192.168.10.1/24 192.168.20.1/24 192.168.30.1/24

    Tunneling from Site A to Site B & Site B to Site C are working fine. However Site A is not able to reach Site C directly and vice versa. And I also want for site A to carry site B LAN IP to communicate with site C.

    On Site A the phase 2 entry: Local: LAN Subnet Nat / Binat: None Remote: Network (192.168.20.1/24)

    On Site C the phase 2 entry: Local: LAN Subnet Nat / Binat: None Remote: Network (192.168.20.1/24)

    On Site B there are 2 IPSec Tunnels:

    Site A Phase 2 entry: Local: LAN Subnet Nat: None Remote: Network (192.168.10.1/24)

    Site C Phase 2 entry: Local: LAN Subnet Nat: None Remote: Networ (192.168.30.1/24)

    Kindly let me know if you may require any other information. Thank you in advance.

    0
  • T

    I would think at a minimum you would need to enter some routing rules in sites A & C. In site A, route traffic for 192.168.30.0 to site B. On site C do the opposite.

    0
  • T

    Also see this post, it is very similar to what you're trying to do and the OP lays out his solution nicely.
    https://forum.netgate.com/topic/143368/route-traffic-between-two-ipsec-tunnels/6

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy