• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

OpenVPN access to remote IPSec network

Scheduled Pinned Locked Moved OpenVPN
4 Posts 4 Posters 880 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • B
    Blasta
    last edited by Sep 19, 2014, 1:13 PM

    Hello, community!

    IPSec tunnel is configured and accessible from local network.
    OVPN network a.a.a.0 is already added to crypromap on both sides.

    Is it possible to reach remote IPSec network from OpenVPN clients?
    if I add
    push "route b.b.b.0 255.255.255.0" to OVPN server config and add iroute b.b.b.0 255.255.255.0 to client config. Will it work?

    1 Reply Last reply Reply Quote 0
    • S
      SuMeRbOaRd
      last edited by Sep 22, 2014, 10:51 PM

      I'm trying to figure out the same thing and not having much luck.  I recall there being something related to passing traffic through due to some limitation of an IPsec and OpenVPN Certificate tunnel.  Anyone recall anything like this?

      @Blasta:

      Hello, community!

      IPSec tunnel is configured and accessible from local network.
      OVPN network a.a.a.0 is already added to crypromap on both sides.

      Is it possible to reach remote IPSec network from OpenVPN clients?
      if I add
      push "route b.b.b.0 255.255.255.0" to OVPN server config and add iroute b.b.b.0 255.255.255.0 to client config. Will it work?

      1 Reply Last reply Reply Quote 0
      • K
        kejianshi
        last edited by Sep 22, 2014, 10:55 PM

        I see ALOT of people trying to connect site A to site B

        Then site C to site B.

        Then get site A to talk to site C via site B.

        My advice?  Dump that.  Don't even try.

        Try using a full mesh VPN like TINC at all 3 points and then everything with happily talk to everything else.

        1 Reply Last reply Reply Quote 0
        • P
          P3R
          last edited by Sep 23, 2014, 7:04 AM

          @kejianshi:

          Try using a full mesh VPN like TINC at all 3 points and then everything with happily talk to everything else.

          IPSec also works. In small networks it isn't complicated to setup. With 3 sites, 3 tunnels give full mesh connectivity and no routing issues.

          1 Reply Last reply Reply Quote 0
          4 out of 4
          • First post
            4/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received