Route traffic between IPSEC vpns

  • Hi,

    Is it possible to route traffic between two different IPSEC vpns?

    This is my setup:

    LOCAL                        REMOTE
    VPN1: <-> (site-to-site)
    VPN2: <-> (mobile client)

    Both VPNs work as expected.

    I would like to access from 192.168.50.X to 10.0.X.X, if for example I send a ping from to, the traffic tries to go through the WAN as if was a public IP.

    Is there a way of achieving this? I suppose I will need a NAT rule to make traffic from 192.168.50.X appear with a 192.168.30.X when going to 10.0.X.X.

    Any hints?


  • Hi There

    I'm no expert, but we had this same scenario and this solved it for me - add another Phase 2 to your site-site network in which you specify your mobile IPSec range as local.  And the same on the other side of your site-site tunnel.

    Hope this helps!

  • Hi PeterJ, thank you for your answer. I'm going to try that tonight and get back with results.

    Best regards,

  • Just FYI:

    I was able to test it right away and it works perfectly. After adding another P2 on both endpoints, I can connect with my mobile client to my home VPN, and from there access the LAN of the site-to-site VPN.

    Thanks for your suggestion!

    Best regards,

  • Glad to have helped
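
The fix discussed in this thread, as an added example that is not part of any of the posts above: a small Python model of policy-based IPsec selector matching on the site-to-site tunnel, showing why the mobile range falls through to the WAN until a second Phase 2 exists on both endpoints. The prefix lengths (/24, /16), the entry names and the sample host addresses are assumptions; the thread only gives 192.168.50.X, 192.168.30.X and 10.0.X.X.

```python
import ipaddress as ip

# Assumed prefixes; the thread only shows 192.168.50.X, 192.168.30.X, 10.0.X.X.
MOBILE = ip.ip_network("192.168.50.0/24")      # mobile client range
LOCAL_LAN = ip.ip_network("192.168.30.0/24")   # LAN behind the home gateway
REMOTE_LAN = ip.ip_network("10.0.0.0/16")      # LAN behind the remote gateway

def tunnel_for(p2_entries, src, dst):
    """Return the name of the first Phase 2 entry whose (local, remote)
    selectors cover src -> dst, or None if no entry matches. None means the
    packet is not tunnelled and follows the normal routing table (the WAN)."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    for name, local, remote in p2_entries:
        if s in local and d in remote:
            return name
    return None

def mirrored(p2_entries):
    """The same Phase 2 entries as seen from the other end of the tunnel."""
    return [(name, remote, local) for name, local, remote in p2_entries]

def round_trip(home_p2, remote_p2, src, dst):
    """True only if the request matches a Phase 2 on the home gateway and
    the reply matches a Phase 2 on the remote gateway."""
    return (tunnel_for(home_p2, src, dst) is not None
            and tunnel_for(remote_p2, dst, src) is not None)

# Site-to-site tunnel as first configured: one Phase 2, LAN to LAN.
HOME_BEFORE = [("s2s-lan", LOCAL_LAN, REMOTE_LAN)]
# After the fix: a second Phase 2 with the mobile range as local network.
HOME_AFTER = HOME_BEFORE + [("s2s-mobile", MOBILE, REMOTE_LAN)]

if __name__ == "__main__":
    client, server = "192.168.50.10", "10.0.1.20"   # constructed sample hosts
    cases = [
        ("no extra P2", HOME_BEFORE, mirrored(HOME_BEFORE)),
        ("extra P2 on home side only", HOME_AFTER, mirrored(HOME_BEFORE)),
        ("extra P2 on both sides", HOME_AFTER, mirrored(HOME_AFTER)),
    ]
    for label, home, remote in cases:
        out = tunnel_for(home, client, server)
        ok = round_trip(home, remote, client, server)
        print(f"{label}: outbound={out or 'WAN'} round_trip={ok}")
```

The middle case is the one that is easy to miss: with the extra Phase 2 on one endpoint only, the request has a matching selector but the reply from 10.0.X.X does not.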
