This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPSec VPN routing

We have 2 ASG220 with IPSec VPN 7.403
AS A needs to be the default GW for all internal networks, including the internal network of AS B

on AS A (Default GW) in IPSec->Connections->LocalNetworks we include and "Any"
On AS B in IPSec-> Remote Gateways -> Remote Networks we include "Any"
That way AS A is the single point for NAT / Proxy / Packet Rules etc.

Once the VPN tunnel with IPSec is up, it works fine, EXCEPT AS B is not reachable (ping, https) on it's public address anymore.

Without the "Any" definition, AS B is reachable from public, but would have to do it's own NAT etc.
Strict Routing on or off makes no difference.

Any clue ?

This thread was automatically locked due to age.

0 BAlfson over 16 years ago

I have to admit, I'm a bit confused without pictures. I think you have 'Any' in the wrong place. Take this out of Remote gateway for AS B and out of Local Netowrks for AS A.
Cancel
Vote Up 0 Vote Down

Cancel
0 elbracht over 16 years ago in reply to BAlfson

Taking "Any" out on both sides results in AS B internal network not beeing routed thru AS A's so AS B would need it's own NAT / Proxy / Packet Rules etc.

I have attached a basic diagram
- Zeichnung1.jpg
- View
- Hide
Cancel
Vote Up 0 Vote Down

Cancel