
Connect two branch offices through head office

Good afternoon,


I have a problem getting two remote offices to communicate with each other through the head office over SSL VPN. From either of the two remote offices, the services available at the head office and from the central office to any of the two remote offices can be easily accessed, but from one of the remote offices the other cannot be reached and vice versa. The structure that I have implemented is the following:

 

I need to have those routers in that position because there are contracted services that directly connect to the router and it is impossible for me to put them inside the firewall in all the offices.


The configuration that I have in the main office is the following:
Port1 (NETWORK): 192.168.101.1/24
Port2 (ROUTER): 192.168.100.99/24 (The IP address of the router is 192.168.100.1)


The configuration I have in remote office 1 is as follows:
Port1 (NETWORK): 192.168.1.4/24
Port2 (ROUTER): 192.168.0.2/25 (The IP address of the router is 192.168.0.1)


The configuration that I have in remote office 2 is the following:
Port1 (NETWORK): 192.168.23.1/24
Port2 (ROUTER): 192.168.20.2/25 (The IP address of the router is 192.168.20.1)


The problem is that I do not know where to continue to be able to communicate the services of the remote offices with each other, since there is no problem whatsoever with head office.


If you need more information do not hesitate to ask me to solve this issue.

Thank you very much and greetings



This thread was automatically locked due to age.
  • How do the branches connect? Assuming they're proper offices and not just a single computer, I'll assume it's a site2site.

    For site2site to work, first of all you'll go to VPN->SSL VPN (site2site) on your central one, and you'll add ALL the networks you have on local networks except your remote. On remote you leave the network as it is. E.g. on branch 1 add your central and branch2 network on local, on remote branch1. On branch2 add central and branch 1 as local, on remote branch2.

    Then on the firewall section of all the XGs, create a rule FROM LAN,VPN TO LAN,VPN. On local and remote networks put all your networks (if you want to access everything from VPN outside your offices, e.g. your laptop on the go, I'd suggest at this point to also add the VPN's address, default is something like 10.81.234.0).

    I'd do a reboot on all 3 devices and you should be ok
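The network lists described in the reply above, checked with a small route model. This is an added example, not part of the original thread or Sophos code. It assumes each tunnel's "local" list is what the branch receives routes for and its "remote" list is what the head office routes into that tunnel; the `BEFORE` layout and the host addresses are constructed, and firewall rules are not modelled.

```python
from ipaddress import ip_address, ip_network

# LAN (Port1) subnets taken from the question.
HEAD = ip_network("192.168.101.0/24")
BRANCH1 = ip_network("192.168.1.0/24")
BRANCH2 = ip_network("192.168.23.0/24")

# Tunnel definitions as seen on the head-office firewall.
# BEFORE is an assumed starting point that matches the symptoms in the question.
BEFORE = {
    "branch1": {"local": [HEAD], "remote": [BRANCH1]},
    "branch2": {"local": [HEAD], "remote": [BRANCH2]},
}
# AFTER follows the reply: every network except the tunnel's own remote goes on local.
AFTER = {
    "branch1": {"local": [HEAD, BRANCH2], "remote": [BRANCH1]},
    "branch2": {"local": [HEAD, BRANCH1], "remote": [BRANCH2]},
}


def covers(nets, addr):
    """True if addr falls inside any of the listed networks."""
    return any(addr in net for net in nets)


def one_way(tunnels, src_site, dst_ip):
    """True if a packet leaving src_site has a route all the way to dst_ip."""
    dst = ip_address(dst_ip)
    if src_site == "head":
        # Head office only needs a tunnel whose remote list covers the target.
        return any(covers(t["remote"], dst) for t in tunnels.values())
    if not covers(tunnels[src_site]["local"], dst):
        return False  # the branch was never given a route into the tunnel
    if dst in HEAD:
        return True
    # Branch-to-branch: head office must forward into the other tunnel.
    return any(covers(t["remote"], dst)
               for name, t in tunnels.items() if name != src_site)


def reachable(tunnels, src_site, src_ip, dst_site, dst_ip):
    """Traffic works only if the request and the reply both have a route."""
    return one_way(tunnels, src_site, dst_ip) and one_way(tunnels, dst_site, src_ip)


if __name__ == "__main__":
    for name, cfg in (("before", BEFORE), ("after", AFTER)):
        ok = reachable(cfg, "branch1", "192.168.1.10", "branch2", "192.168.23.10")
        print(f"{name}: branch1 <-> branch2 reachable = {ok}")
```

The LAN,VPN to LAN,VPN firewall rules from the reply are still required on each device; a route without a matching rule is dropped.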
