News: This forum is now permanently frozen.
linktree m0n0wall Forum  >  m0n0wall Support (English)  >  VPN
linktree Topic: Several VPN networks need to communicate
Pages: [1]
Topic: Several VPN networks need to communicate  (Read 1616 times)
« on: October 31, 2013, 21:07:22 »
berg4 *
Posts: 2
We have several networks behind different IP Sec VPN:s and they need to communicate. How is this set up?

Network 1. 192.168.0.0/24 (connected on IP Sec VPN)
Network 2. 192.168.100.0/24 (m0n0wall network)
Network 3. 10.230.0.0/24 (connected on IP Sec VPN)

The users on Network 3 would need to connect to the ones on network 1, but currently they cannot.
From the Network 2, both other networks can be reached ok.

Best regards,

Bjorn
« Reply #1 on: November 01, 2013, 19:01:41 »
THG *
Posts: 7
It depends on the firewalls that you have in network 1 and network 3, probably a missing VPN policy.
« Reply #2 on: November 04, 2013, 09:31:51 »
berg4 *
Posts: 2
Hi THG,

Not likely to be that cause. We did use a different firewall before and had no problems with this and exact same configuration.

//Björn
« Reply #3 on: November 04, 2013, 18:05:18 »
THG *
Posts: 7
I would check routing tables, VPN policies and/or firewall rules. There is no VPN policies in m0n0wall, only firewall rules. In other firewalls, you probably need to set up a policy for each network.
« Reply #4 on: November 07, 2013, 01:13:02 »
Lee Sharp *****
Posts: 517
By default, IPsec is only a single hop VPN.  Ideally, you need a tunnel between networks 1 and 3.  If you want to route through network 2, you need summery routes that make sense.  I would go with the third tunnel.
 
Pages: [1]
 
 
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines