This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Issues with web-access after routing 0.0.0.0/0 over IPsec

Hi all,

We've started routing all our remote office traffic via our data-center using IPsec setting 0.0.0.0/0 as local network in our data-center and whatever IP-ranges used in the remote office as remote networks and vice versa on the other end.

After doing this we've started experiencing issues with web-traffic where we get timeouts and serious delays, running tests directly from the data-center doesn't show any of these issues so we're pretty certain that it's related to the IPsec tunnel. We're seeing the same issue with both Astaro VPN gateways in the remove offices and StrongSwan installations.

Please advice

This thread was automatically locked due to age.

Parents

0 BAlfson over 15 years ago

In some situations, the object "Internet" in combination with truely local networks works better than "Any" in 'Local Networks' in the IPsec Connection definition, so we've developed a habit of doing that.

One of the reasons people get "strange" routing issues is that they have bound some network definitions to a specific interface. You might want to check that all of your definitions have 'Interface:' ">" and so are not bound to a specific interface.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 15 years ago

In some situations, the object "Internet" in combination with truely local networks works better than "Any" in 'Local Networks' in the IPsec Connection definition, so we've developed a habit of doing that.

One of the reasons people get "strange" routing issues is that they have bound some network definitions to a specific interface. You might want to check that all of your definitions have 'Interface:' ">" and so are not bound to a specific interface.

Cheers - Bob
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data