Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    OpenVPN access to remote IPSec network

    OpenVPN
    4
    4
    598
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      Blasta last edited by

      Hello, community!

      IPSec tunnel is configured and accessible from local network.
      OVPN network a.a.a.0 is already added to crypromap on both sides.

      Is it possible to reach remote IPSec network from OpenVPN clients?
      if I add
      push "route b.b.b.0 255.255.255.0" to OVPN server config and add iroute b.b.b.0 255.255.255.0 to client config. Will it work?

      1 Reply Last reply Reply Quote 0
      • S
        SuMeRbOaRd last edited by

        I'm trying to figure out the same thing and not having much luck.  I recall there being something related to passing traffic through due to some limitation of an IPsec and OpenVPN Certificate tunnel.  Anyone recall anything like this?

        @Blasta:

        Hello, community!

        IPSec tunnel is configured and accessible from local network.
        OVPN network a.a.a.0 is already added to crypromap on both sides.

        Is it possible to reach remote IPSec network from OpenVPN clients?
        if I add
        push "route b.b.b.0 255.255.255.0" to OVPN server config and add iroute b.b.b.0 255.255.255.0 to client config. Will it work?

        1 Reply Last reply Reply Quote 0
        • K
          kejianshi last edited by

          I see ALOT of people trying to connect site A to site B

          Then site C to site B.

          Then get site A to talk to site C via site B.

          My advice?  Dump that.  Don't even try.

          Try using a full mesh VPN like TINC at all 3 points and then everything with happily talk to everything else.

          1 Reply Last reply Reply Quote 0
          • P
            P3R last edited by

            @kejianshi:

            Try using a full mesh VPN like TINC at all 3 points and then everything with happily talk to everything else.

            IPSec also works. In small networks it isn't complicated to setup. With 3 sites, 3 tunnels give full mesh connectivity and no routing issues.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post