Hi all,
I'm having trouble getting a site-to-site VPN to authenticate properly. This is in a dev environment which replicates how production will be setup. IP Addresses have been randomised but resemble the config.
Site 1 Network Config:
Internal Interface: 192.168.1.2/24 GW 192.168.1.1
WAN Interface: 120.180.10.2/32 GW 120.180.10.1
Site 2 Network Config:
WAN 1 Interface: 170.10.4.2/24 GW 170.10.4.1
WAN 2 Interface: 170.10.4.3/24 GW 170.10.4.1
Setup in uplink balance as they share the same gateway.
**Both interfaces are on the same subnet**
The goal is to connect Site 1 WAN Interface to Site 2 WAN 2 using a Site-to-Site VPN and then route the traffic out though to the internet via Site 2 WAN 1.
Remote Gateway Config:
Site 1:
Initiates connection
Connects to 170.10.4.3/24
Using PSK
VPN ID is 170.10.4.3/24
Remote Network: Any
Site 2:
Responds
Connects to 120.180.10.2/32
Using PSK
Remote Network: Any
IPsec Connection Config:
Site 1:
Local Interface: WAN
Policy: AES-256
Local Networks: Internal (Network)
Automatic Firewall Rule is checked.
Site 2:
Local Interface: WAN 2
Policy: AES-256
Local Networks: WAN 1 (Network)
Automatic Firewall Rule is checked.
The way I envisage the network is something along the lines of...
Site 1 WWW/VPN Site 2
LAN---WAN==========WAN2----WAN1--------->Internet
The ultimate goal is to route all internet-bound traffic from site 1 to site 2 where it will go out to the internet.
Can anyone offer any thoughts how I can set this up?
This thread was automatically locked due to age.
Guest User!
You are not Sophos Staff.
