Routing traffic from Site B to Site A using IPSEC over a GRE Interface
-
Hi,
our ISP blocks IPSEC traffic so in order to mask the ipsec traffice i have decided to create a GRE and then in it create a IPSEC tunnel.
I have created a GRE interface between 2 sites,
Site A is the hearquarter 10.0.0.1/24
site B is Branch office 10.0.0.2/24I have create a GRE between 2 sites, Site A and Site B = Ping to each other is ok
Then i created an IPSEC tunnel using the 10.0.0.1 <> 10.0.0.2 and Ipsec tunnel in P2 transport mode. = Tunnel establishedCreated GRE GateWay in Site A as 10.0.0.1 and Site B 10.0.0.2
Created Static route in Site B as 192.168.40.0/24 use GRE10.0.0.2 GW
Created Static Route in Site A as 192.168.3.0/24 use GRE 10.0.0.1 GW
Ping to the network vice versa is OK,
The Add a outbound NAT rule in Site A to throw everything from 192.168.3.0/24 to the SITE A WANBut when i do a Tcp dump and ping one of the machines from Site B in Site A I see that the Traffic is not encapsulated
I think i am missing some sort of routing rules.
My final goal is to make all traffic including related to internet to go through the Site A WANKindly Assist,
Many Thanks.
-
Hi,
I found a tutorial on YouTube which shows that the IPSec tunnel in created by wan to wan instead of GRE to GREDoesn't this negate the purpose on masking the IPSec with GRE?
https://youtu.be/YPYFcya3Qls
Any hints?
Rgd