Creating a route into ipsec tunnel - is it possible?
-
Hello everyone.
Is there any possibility to route traffic to single host or subnet into tunnel in 2.0 version?
Setup example:local network 192.168.1.0/24
local external ip 1.1.1.1
isp's gateway 1.1.1.2remote network 192.168.2.0/24
remote ipsec gateway - 2.2.2.2tunnel is up and running.
i need to route packets for 2.2.2.2 into tunnel (remote side only accepts encrypted packets after ipsec up and i have to access it by public ip, can't use private remote ips).
But i can't understand how to create routing rule for it - should i use internal ip of remote gateway to route it automatically, what interface should i use? And i'm afraid that when the tunnel will go down it won't be raised again because of that route and it's unavailability. -
You can't route over IPsec in tunnel mode in the traditional sense.
To do what you're after, you might just need an additional phase 2 entry on both ends of the tunnel for 192.168.1.0/24 <-> 2.2.2.2
-
Thank you, it worked!
