Topic: Hub and Spoke VPN, CIDR, Routing.  (Read 1563 times)
« on: January 02, 2012, 19:37:37 »
ozpass *
Posts: 1

Hello all.

Little conundrum I could use your assistance with...

4 remote sites, and a datacentre.  5 instances of monowall in total.

Site 1 - 172.16.0.0/24 monowall = 172.16.0.2
Site 2 - 172.17.0.0/24 monowall = 172.17.0.2
Site 3 - 172.18.0.0/24 monowall = 172.18.0.2
Site 4 - 172.19.0.0/24 monowall = 172.19.0.2
Datacentre - 172.20.0.0/24 monowall = 172.20.0.2

The datacentre monowall has IPSEC VPN tunnels to each of the remote sites, as follows:

DC - Site 1 - Remote Subnet = 172.16.0.0/24
DC - Site 2 - Remote Subnet = 172.17.0.0/24
DC - Site 3 - Remote Subnet = 172.18.0.0/24
DC - Site 4 - Remote Subnet = 172.19.0.0/24

And when I establish the far-end VPNs as follows it works:

Remote Site - DC - Remote Subnet = 172.20.0.0/24

However, I want to be able to route traffic *from* remote sites *to* remote sites via the datacentre as follows:

Site 1 --> DC --> Site 2

So, for example, when I'm at Site 1 (172.16.0.0/24) I can ping a host at Site 2, such as 172.17.0.2.

To this end, I configure the "Remote Subnet" at each remote site using a CIDR supernet of 172.16.0.0/13 but traffic doesn't get routed.  Any ideas?
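
One check worth running on the configuration described in the post, as an added example (not part of the original post and not m0n0wall code): does the /13 cover every site, and do each spoke's phase 2 selectors still mirror the hub's? It assumes the hub's local subnet stayed at 172.20.0.0/24 and that both ends of a policy-based IPsec tunnel must propose exactly mirrored local/remote subnets; the function names are hypothetical.

```python
import ipaddress as ip

# Addressing copied from the post above.
SITES = {
    "Site 1": "172.16.0.0/24",
    "Site 2": "172.17.0.0/24",
    "Site 3": "172.18.0.0/24",
    "Site 4": "172.19.0.0/24",
    "Datacentre": "172.20.0.0/24",
}
SUPERNET = "172.16.0.0/13"
HUB = "Datacentre"


def covered_sites(supernet=SUPERNET):
    """Names of sites whose LAN falls inside the supernet.
    Note that the /13 also contains each spoke's own LAN."""
    net = ip.ip_network(supernet)
    return [n for n, s in SITES.items() if ip.ip_network(s).subnet_of(net)]


def selector_mismatches(spoke_remote, hub_local):
    """Compare each spoke's phase 2 (local, remote) pair with the hub's
    entry for that spoke. Assumption: both ends must be exact mirrors."""
    problems = []
    for name, lan in SITES.items():
        if name == HUB:
            continue
        spoke = (ip.ip_network(lan), ip.ip_network(spoke_remote))
        hub = (ip.ip_network(hub_local), ip.ip_network(lan))
        if spoke != (hub[1], hub[0]):
            problems.append(f"{name}: spoke {spoke[0]} -> {spoke[1]}, "
                            f"hub {hub[0]} -> {hub[1]}")
    return problems


if __name__ == "__main__":
    print("covered by", SUPERNET, ":", covered_sites())
    # As posted: spokes point at the /13, hub still offers only its own /24.
    for line in selector_mismatches(SUPERNET, SITES[HUB]):
        print("MISMATCH", line)
    # Hypothetical change: hub local subnet widened to the same /13.
    print("after widening hub:", selector_mismatches(SUPERNET, SUPERNET))
```
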
 