Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 653 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

VPN routing problem

Andre_01
Hi, we have some subnet routing problems. here is our network config


187.0.1.0/24
|
(?) [CISCO PIX]
|
|
10.100.3.101 [CISCO PIX]
|
|
10.100.3.100 [Astaro1 Eth2]
10.100.0.100 [Astaro1 Eth1] ------ 10.100.0.0/24
|
| (VPN)
|
192.168.20.1 [ Astaro2] ---- 192.168.20.0/24

So, 
1)  i can reach from 10.100.0.x 187.0.1.x.
2) i can reach from 192.168.20.x 10.100.0.x and 10.100.3.x

But i can not reach from 192.168.20.x 187.0.1.x.  

i) We have set on astaro2 a static route ( 187.0.1.0/24 =>10.100.3.101 )
ii) we see packets passing the astaro2 to 187.0.1.x
iii) but no incoming packets at astaro1 ...

what the problem ? can i route traffic over vpn with "vpn-tunnel-foreign" subnets ?

please help

thanks.


This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to Andre_01
    Don't think this will work. Theo. you could use a ANY (local and remote subnet) tunnel between Astaro1 and Astaro2, that would cause all traffice between them be encrypted (like a transport mode). But I never tested something like that. 

    Only other way is to establish a tunnel with the PIX infront of the 187.0.1.0/24 network.
Children
No Data
Cookie Information Banner