Route traffic between IPSEC vpns
-
Hi,
Is it possible to route traffic between two different IPSEC vpns?
This is my setup:
      LOCAL               REMOTE
VPN1: 192.168.30.0/24 <-> 10.0.0.0/16 (site-to-site)
VPN2: 192.168.50.0/24 <-> 192.168.30.0/24 (mobile client)

Both VPNs work as expected.
I would like to access 10.0.X.X from 192.168.50.X. If, for example, I send a ping from 192.168.50.1 to 10.0.0.1, the traffic tries to go through the WAN as if 10.0.0.1 was a public IP.
Is there a way of achieving this? I suppose I will need a NAT rule to make traffic from 192.168.50.X appear with a 192.168.30.X when going to 10.0.X.X.
Any hints?
Thanks!
Joel. -
Hi There
I'm no expert, but we had this same scenario and this solved it for me - add another Phase 2 to your site-site network in which you specify your mobile IPSec range as local. And the same on the other side of your site-site tunnel.
Hope this helps!
Peter -
Hi PeterJ, thank you for your answer. I'm going to try that tonight and get back with results.
Best regards,
Joel. -
Just FYI:
I was able to test it right away and it works perfectly. After adding another P2 on both endpoints, I can connect with my mobile client to my home VPN, and from there access the LAN of the site-to-site VPN.
Thanks for your suggestion!
Best regards,
Joel. -
Glad to have helped
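
The fix suggested in this thread, modeled as an added example (not code from any of the posters or from the firewall software): on a policy-based IPsec gateway, a packet enters the tunnel only if its source and destination match a Phase 2 local/remote pair, and the far side needs the mirrored pair for the replies. The function names and the simplified lookup are assumptions made for illustration; the subnets are the ones from the question.

```python
import ipaddress

# Phase 2 entries on the home gateway as (local, remote), taken from the thread.
P2_BEFORE = [("192.168.30.0/24", "10.0.0.0/16")]
# The suggested fix: a second Phase 2 with the mobile client range as local.
P2_AFTER = P2_BEFORE + [("192.168.50.0/24", "10.0.0.0/16")]


def mirror(entries):
    """Phase 2 entries as the far gateway must define them (local/remote swapped)."""
    return [(remote, local) for local, remote in entries]


def select(entries, src, dst):
    """Return the first (local, remote) pair covering src -> dst, or None.

    None means no IPsec policy matches, so the packet follows the normal
    routing table (in the question: out the WAN).
    """
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for local, remote in entries:
        if s in ipaddress.ip_network(local) and d in ipaddress.ip_network(remote):
            return (local, remote)
    return None


def round_trip(home, far, src, dst):
    """True only if the request matches on the home side AND the reply
    matches on the far side, which is why both endpoints need the new entry."""
    return select(home, src, dst) is not None and select(far, dst, src) is not None


if __name__ == "__main__":
    src, dst = "192.168.50.1", "10.0.0.1"  # the ping from the question
    cases = {
        "original config": (P2_BEFORE, mirror(P2_BEFORE)),
        "new P2 on home side only": (P2_AFTER, mirror(P2_BEFORE)),
        "new P2 on both sides": (P2_AFTER, mirror(P2_AFTER)),
    }
    for name, (home, far) in cases.items():
        print(f"{name}: tunneled round trip = {round_trip(home, far, src, dst)}")
```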