4. Route from one ipsec to another

Route from one ipsec to another

  • T

    Is it possible to have a router connect 1 ipsec site to another like so:

    subnet 1 > remote ipsec 1 >>>>>>> main office >>>> remote ipsec b > subnet b

    I need remote subnet b to have connectivity to remote subnet 1, but it has to tunnel through the main office, is this possible?

    would this use the binat setting?

    0
  • C

    Yes it's possible. No, don't use NAT. Just add matching P2s so site B sends site A's subnet via its main office connection, same for site A with site B's subnet.

    0
  • T

    Yes, I already tried that, SAs come up green, but cant move traffic.

    I have Main office, and new satellite office B,

    For a long time at the main office, I have had 2 ipsec VPNs to 2 vendor networks: Site1, Site2, I wish OfficeB could access devices on these vendor networks, but it can only ping the main office, the main office has no trouble pinging everyone…. some sort of routing problem?

    This is the main office side:

    Then the satellite office:

    I should be able to ping 10.1.x.51 from officeB, but it only works at the main.

    I am also using manual out NAT, do I need to create rules for the ipsec interfaces? Which interface would the rule apply to?

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy