    I currently have a situation where I have two LANs connected via an IPsec tunnel.  Only site 1 has internet access, so I would like to send all non-local subnet traffic on site 2 over my IPsec tunnel to site 1, effectively allowing site 2 access to the internet.  I have tried specifying a route on site 2's LAN interface of with a gateway of site 1's LAN interface, but that does not seem to work.  Am I missing something, or is this even possible?

    This is a bit difficult to explain but effectively this is what I have:

    |----------|          ipsec          |----------|
    |  Site 1  |NIC-------------------NIC|  Site 2  |
    |----------|                         |----------|
         |                                    |
        LAN                                  LAN

    I have been banging my head against this for a while now but cannot come up with a solution.  Any help would be much appreciated.

    Anyone know if this is possible?  Effectively I am trying to use a machine on the other side of my IPsec tunnel as my gateway for anything not on the local subnet.  My IPsec tunnel is working correctly and I can route to everything on both sides.  I have added a test route of into my firewall with the gateway of my firewall on the other side of my IPsec tunnel.  When I try to ping, Google's open DNS server, I get 100% packet loss.  When I try to traceroute to I get this output:

    traceroute: wrote 40 chars, ret=-1

    Any ideas greatly appreciated, as I have pretty much exhausted everything I can think of to resolve the issue.

  • For anyone else experiencing this problem, I have just found this: ,3701.0.html

    I'm going to give it a try now.  I'll post back how I get on.

