Multi Site VPN - 3 sites with ability to communicate over dual WAN at each site.
I'm looking for some help with a 3-site VPN framework and the best/most stable way of doing it.
I have 3 sites. Each site has 2 different PPPoE connections (2 internet providers) for stability. Outgoing/incoming traffic is load balanced across the 2 connections and works well.
Site A uses internal LAN 172.16.1.0/24
Site B uses internal LAN 172.16.2.0/24
Site C uses internal LAN 172.16.3.0/24

Site A has a client connection on 1st ISP to Site B Server 1st ISP using UDP to port 15000 via 10.0.100.0/24
Site A has a client connection on 2nd ISP to Site B Server 2nd ISP using UDP to port 15001 via 10.0.101.0/24

Site B has a client connection on 1st ISP to Site C Server 1st ISP using UDP to port 15002 via 10.0.102.0/24
Site B has a client connection on 2nd ISP to Site C Server 2nd ISP using UDP to port 15003 via 10.0.103.0/24

Site C has a client connection on 1st ISP to Site A Server 1st ISP using UDP to port 15004 via 10.0.104.0/24
Site C has a client connection on 2nd ISP to Site A Server 2nd ISP using UDP to port 15005 via 10.0.105.0/24

The associated Server and Client certificates and encryption are all connected and operational and all tunnels are actively connected.
The OpenVPN firewall settings permit all on each site.
I left local and remote networks empty on the server and client setups as I had Quagga OSPF running on each firewall, and the DR relationship shows both routes to each site... I have the networks propagated to each other over OSPF this way.
I am unable to ping any site from an alternate, or access each firewall remotely, so I obviously have something filtered or missing. Can someone point me in the right direction on what to check? Is this the appropriate way to connect them or should I alter something? I have remote phones that cannot afford to be disconnected from the primary PBX which is why I am trying to get it working this specific way etc.
Any help would be greatly appreciated.
Many thanks
Paul.