Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 28 subscribers
  • Views 13253 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Connect two branch office through head office

Beñat Aramburu1

Good afternoon,


I have a problem to communicate two remote offices to each other through the head office through SSL VPN. From either of the two remote offices, the services available at the head office and from the central office to any of the two remote offices can be easily accessed, but from one of the remote offices the other can not be reached and vice versa. The structure that I have implemented is the following:

 

I need to have those routers in that position because there are contracted services that directly connect to the router and it is impossible for me to put them inside the firewall in all the offices.


The configuration that I have in the main office is the following:
Port1 (NETWORK): 192.168.101.1/24
Port2 (ROUTER): 192.168.100.99/24 (The IP address of the router is 192.168.100.1)


The configuration I have in remote office 1 is as follows:
Port1 (NETWORK): 192.168.1.4/24
Port2 (ROUTER): 192.168.0.2/25 (The IP address of the router is 192.168.0.1)


The configuration that I have in remote office 2 is the following:
Port1 (NETWORK): 192.168.23.1/24)
Port2 (ROUTER): 192.168.20.2/25 (The IP address of the router is 192.168.20.1


The problem is that I do not know where to continue to be able to communicate the services of the remote offices with each other, since there is no problem whatsoever with head office.


If you need more information do not hesitate to ask me to solve this issue.

Thank you very much and greetings



This thread was automatically locked due to age.
Parents
  • 0

    Hello,

     

    Once the VPN SSL are UP, you should add the routes and create the firewall rules.

     

    Use the tracert on remote sites and the log viewer to help you to debug.

  • 0 in reply to scaledem

    Good morning,

    After carrying out different tests with the firewalls, I managed to get the firewall that makes the tracert to allow the passage of traffic and exit through the port that has to leave, but the tracert does not pass beyond the first jump.

    Verifying if the firewall receives the packet from the central office, it has not even gotten to enter the information, therefore I think I still have problems in the configuration of the remote offices. In the following image you can see the tracert to the main office and to the other remote office.

    I have also configured the static route but I do not know if it is properly configured. I'm a mess because I think that instead of leaving port 2 should use the vpn port or maybe I'm confused.


    Where can I go? Do you need more information to help me?

     

    Thank you

Reply
  • 0 in reply to scaledem

    Good morning,

    After carrying out different tests with the firewalls, I managed to get the firewall that makes the tracert to allow the passage of traffic and exit through the port that has to leave, but the tracert does not pass beyond the first jump.

    Verifying if the firewall receives the packet from the central office, it has not even gotten to enter the information, therefore I think I still have problems in the configuration of the remote offices. In the following image you can see the tracert to the main office and to the other remote office.

    I have also configured the static route but I do not know if it is properly configured. I'm a mess because I think that instead of leaving port 2 should use the vpn port or maybe I'm confused.


    Where can I go? Do you need more information to help me?

     

    Thank you

Children
No Data