Routing traffic from Site B to Site A using IPSEC over a GRE Interface
Our ISP blocks IPSEC traffic, so in order to mask the IPSEC traffic I have decided to create a GRE and then in it create an IPSEC tunnel.
I have created a GRE interface between 2 sites:
Site A is the headquarters 10.0.0.1/24
Site B is the branch office 10.0.0.2/24
I have created a GRE between 2 sites, Site A and Site B = Ping to each other is OK
Then I created an IPSEC tunnel using the 10.0.0.1 <> 10.0.0.2 and IPSEC tunnel in P2 transport mode. = Tunnel established
Created GRE gateway in Site A as 10.0.0.1 and Site B 10.0.0.2
Created Static Route in Site B as 192.168.40.0/24 use GRE 10.0.0.2 GW
Created Static Route in Site A as 192.168.3.0/24 use GRE 10.0.0.1 GW
Ping to the network vice versa is OK.
Then added an outbound NAT rule in Site A to throw everything from 192.168.3.0/24 to the Site A WAN.
But when I do a tcpdump and ping one of the machines from Site B in Site A, I see that the traffic is not encapsulated.
I think I am missing some sort of routing rules.
My final goal is to make all traffic, including internet-related traffic, go through the Site A WAN.
I found a tutorial on YouTube which shows that the IPSec tunnel is created WAN to WAN instead of GRE to GRE.
Doesn't this negate the purpose of masking the IPSec with GRE?