Issue with access to site connected to remote via IPSec
-
Hi guys,
Sorry this title isn't great, but I'll try to explain what's going on.
I have let's say 3 sites
Site1 is an office
Site2 is on a datacenter
Site3 is a cloud provider
I have an IPSec VPN Site-to-Site connecting Site 1 to Site 2, and everything is working perfectly;
I have an IPSec VPN Site to Site connecting Site 2 to Site 3 and everything is working perfectly;
I cannot for the life of me connect from Site1 to Site3 via Site2.
I added a static route on Site1 for the subnet on Site3 using the gateway I use to connect from Site1 to Site2
On Site3 I have added Site1 network to all access lists and wherever.
When I do a trace route from Site1 to Site3, the last hop is on the IP address of the VTI tunnel on the side of Site2 of the Site1 to Site2 connection.
I also added all the rules to the IPSec interfaces firewall on site1 and site2. I'm really not figuring why I'm not getting to Site3 from Site1 via Site2.
Any suggestions? Thanks
-
@maverickws said in Issue with access to site connected to remote via IPSec:
I added a static route on Site1 for the subnet on Site3 using the gateway I use to connect from Site1 to Site2
On Site3 I have added Site1 network to all access lists and wherever.
You also need a return route on Site 3 to Site 1.
Do the same you did on Site 1, but on Site 3, in the opposite direction.
-
@mcury yeah that sorted it. I thought that by adding the network to the VPN settings it would automatically add it to the routing table, but it didn't
-
@maverickws said in Issue with access to site connected to remote via IPSec:
yeah that sorted it. I thought that by adding the network to the VPN settings it would automatically add it to the routing table, but it didn't
In VTI with static routes, that is required.
Glad that it sorted out.
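
The missing return route discussed in this thread, as an added example that is not part of any post: a small model of the three sites' routing tables that traces the forward and return paths and shows why replies from Site3 never reach Site1 until Site3 has a route back via Site2. The subnets, host addresses and function names are constructed for illustration, and the model assumes no default route on any site.

```python
import ipaddress

# Constructed sample addressing (not taken from the thread).
NETS = {"site1": "10.1.0.0/24", "site2": "10.2.0.0/24", "site3": "10.3.0.0/24"}

def build_tables(site3_has_return_route):
    """Per-site static routes as (prefix, next_hop_site); 'local' = directly attached."""
    tables = {
        # Site1 already has the static route for Site3's subnet via Site2.
        "site1": [(NETS["site1"], "local"), (NETS["site2"], "site2"), (NETS["site3"], "site2")],
        "site2": [(NETS["site2"], "local"), (NETS["site1"], "site1"), (NETS["site3"], "site3")],
        # Site3 only knows about Site2 until the return route is added.
        "site3": [(NETS["site3"], "local"), (NETS["site2"], "site2")],
    }
    if site3_has_return_route:
        tables["site3"].append((NETS["site1"], "site2"))
    return tables

def lookup(table, dst):
    """Longest-prefix match; returns the next hop site, 'local', or None."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), hop) for p, hop in table
               if addr in ipaddress.ip_network(p)]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def trace(tables, start, dst, max_hops=8):
    """Follow next hops from 'start' toward 'dst'; returns (sites_visited, delivered)."""
    hops, site = [start], start
    for _ in range(max_hops):
        nxt = lookup(tables[site], dst)
        if nxt is None:
            return hops, False      # no route: packet dropped here
        if nxt == "local":
            return hops, True       # destination subnet is attached here
        hops.append(nxt)
        site = nxt
    return hops, False              # routing loop guard

def round_trip(tables, src_site, src_ip, dst_site, dst_ip):
    """Traffic only works if both the request path and the reply path deliver."""
    fwd = trace(tables, src_site, dst_ip)
    rev = trace(tables, dst_site, src_ip)
    return {"forward": fwd, "return": rev, "ok": fwd[1] and rev[1]}

if __name__ == "__main__":
    for fixed in (False, True):
        print(fixed, round_trip(build_tables(fixed), "site1", "10.1.0.10", "site3", "10.3.0.10"))
```

Without the return route the forward path reaches Site3 but the reply is dropped there, which matches a traceroute from Site1 that shows Site2 as its last answering hop.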