Phase2 entry with public remote subnet

  • Hi,

    I'm facing a complicated problem. Already tried playing with routings and so, but without luck.

    One of my IPsec tunnel's ph2 entries is defined to have, as remote subnet, a public /16 network. The tunnel has other ph2 entries with private remote subnets working properly. I suspect that somehow, as the remote subnet is public, it's not being caught by racoon... but I've found no reference at all for this particular setup. Maybe it just can't be done, I don't know...

    Any ideas?



  • Doesn't matter whether it's public or private, there is no concept of public or private IPs within IPsec, they're just IPs or networks that are all treated equally. A lot of VPNs use public IPs. As long as the traffic you want to go across matches the P2 local and remote networks, it'll work.

  • That's what I thought… a network is a network. Ok, we'll continue debugging, thanks :)

  • Have a check at the IPSec logs on each end and I'm sure you'll find the answer :)
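The selector matching described in the thread, as an added example that is not part of the original posts: a flow uses the tunnel only when a single phase 2 entry covers both its source (local network) and its destination (remote network), and nothing in that test depends on whether the range is public or private. All networks, addresses and entry names below are constructed for illustration.

```python
import ipaddress
from typing import NamedTuple, Optional, Tuple


class Phase2(NamedTuple):
    name: str
    local: ipaddress.IPv4Network
    remote: ipaddress.IPv4Network


def p2(name: str, local: str, remote: str) -> Phase2:
    return Phase2(name, ipaddress.ip_network(local), ipaddress.ip_network(remote))


# Constructed sample tunnel: two private remote subnets and one public /16.
TUNNEL = [
    p2("p2-private", "10.1.0.0/24", "192.168.50.0/24"),
    p2("p2-public", "10.1.0.0/24", "198.51.0.0/16"),
    p2("p2-dmz", "10.2.0.0/24", "172.16.9.0/24"),
]


def explain(entries, src: str, dst: str) -> Tuple[Optional[str], str]:
    """Return (entry name, "ok") for the first entry covering both ends,
    or (None, reason) describing which side of the selector failed."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    src_seen = dst_seen = False
    for e in entries:
        src_hit, dst_hit = s in e.local, d in e.remote
        if src_hit and dst_hit:
            return e.name, "ok"
        src_seen |= src_hit
        dst_seen |= dst_hit
    if not src_seen:
        return None, "source outside every local network"
    if not dst_seen:
        return None, "destination outside every remote network"
    # Each end matches some entry, but never the same one.
    return None, "no single entry covers both ends"


if __name__ == "__main__":
    for flow in [("10.1.0.20", "198.51.7.7"), ("10.9.0.20", "198.51.7.7"),
                 ("10.2.0.5", "198.51.7.7")]:
        print(flow, "->", explain(TUNNEL, *flow))
```

A "no match" result here points at the selector definitions or at the packet's actual source address as seen by the IPsec policy, which is what the logs on each end will show.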
