Route traffic between IPSEC vpns



  • Hi,

    Is it possible to route traffic between two different IPSEC vpns?

    This is my setup:

    LOCAL                        REMOTE
    VPN1: 192.168.30.0/24 <-> 10.0.0.0/16 (site-to-site)
    VPN2: 192.168.50.0/24 <-> 192.168.30.0/24 (mobile client)

    Both VPNs work as expected.

    I would like to access 10.0.X.X from 192.168.50.X. If, for example, I send a ping from 192.168.50.1 to 10.0.0.1, the traffic tries to go through the WAN as if 10.0.0.1 was a public IP.

    Is there a way of achieving this? I suppose I will need a NAT rule to make traffic from 192.168.50.X appear with a 192.168.30.X when going to 10.0.X.X.

    Any hints?

    Thanks!
    Joel.



  • Hi There

    I'm no expert, but we had this same scenario and this solved it for me - add another Phase 2 to your site-site network in which you specify your mobile IPSec range as local.  And the same on the other side of your site-site tunnel.

    Hope this helps!
    Peter



  • Hi PeterJ, thank you for your answer. I'm going to try that tonight and get back with results.

    Best regards,
    Joel.



  • Just FYI:

    I was able to test it right away and it works perfectly. After adding another P2 on both endpoints, I can connect with my mobile client to my home VPN, and from there access the LAN of the site-to-site VPN.

    Thanks for your suggestion!

    Best regards,
    Joel.



  • Glad to have helped
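
Why the extra Phase 2 fixes this, as an added example that is not part of the original thread: a simplified model of policy-based IPsec in which a packet enters the tunnel only if its source and destination fall inside a Phase 2 selector, and the peer holds the mirrored selector. The function names and the three outcome labels are hypothetical; the networks are the ones given in the thread.

```python
import ipaddress

WAN = "WAN (default route)"
NO_SA = "no SA (peer lacks mirrored Phase 2)"
TUNNEL = "site-to-site tunnel"

def p2(local, remote):
    """One Phase 2 entry: a (local network, remote network) traffic selector."""
    return (ipaddress.ip_network(local), ipaddress.ip_network(remote))

def matches(selectors, src, dst):
    """True if a packet src -> dst falls inside any Phase 2 selector."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return any(s in local and d in remote for local, remote in selectors)

def egress(home, peer, src, dst):
    """Simplified decision made at the home gateway for a packet src -> dst."""
    if not matches(home, src, dst):
        # No selector covers the packet, so the normal routing table applies.
        return WAN
    if not matches(peer, dst, src):
        # The home side wants the tunnel, but the peer has no mirrored entry.
        return NO_SA
    return TUNNEL

# Constructed from the thread: the existing site-to-site Phase 2 on each gateway.
HOME_BEFORE = [p2("192.168.30.0/24", "10.0.0.0/16")]
PEER_BEFORE = [p2("10.0.0.0/16", "192.168.30.0/24")]

# The fix from the thread: a second Phase 2 with the mobile range as local,
# and the same on the other side of the tunnel.
HOME_AFTER = HOME_BEFORE + [p2("192.168.50.0/24", "10.0.0.0/16")]
PEER_AFTER = PEER_BEFORE + [p2("10.0.0.0/16", "192.168.50.0/24")]

if __name__ == "__main__":
    ping = ("192.168.50.1", "10.0.0.1")
    print("before:        ", egress(HOME_BEFORE, PEER_BEFORE, *ping))
    print("home side only:", egress(HOME_AFTER, PEER_BEFORE, *ping))
    print("both sides:    ", egress(HOME_AFTER, PEER_AFTER, *ping))
```

The added selector exposes the whole 10.0.0.0/16 to the mobile range; if mobile clients need only part of it, narrow the selector or filter the traffic with firewall rules.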

