No announcement yet.

VPN Routing?

  • Filter
  • Time
  • Show
Clear All
new posts

  • VPN Routing?

    Hi All,

    I'm a server guy by trade but have setup a number of IPSEC VPNs for a friends business. He wants all sites to be able to see each other on an IP level, but Site B cannot see Site C (ping) and vice versa. Main Site can ping and see both sites fine. What should I be looking at doing? Thanks.

  • #2
    Re: VPN Routing?

    You need a a static route at sites B and C telling the router that the way to those subnets is via site A. This would normally done on the routers as they are the gateways for the clients at those sites, manually updating Windows routing tables is a PITA.
    BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
    Cruachan's Blog


    • #3
      Re: VPN Routing?

      Or you can run GRE over Ipsec and use dynamic routing protocols. If its cisco equipment and it supports it another option is VTI based ipsec vpn's or a better option DMVPN.
      CCNA, CCNA-Security, CCNP
      CCIE Security (In Progress)


      • #4
        Re: VPN Routing?

        How have you setup the VPN's???

        It really should be just a case of saying on the tunnels that the subnets have access to each other.

        i.e the 2 tunnels on site A should say this

        Site B VPN has access to Site A and C
        Site C VPN has access to Site A and B

        Site B

        VPN to site A also routes traffic for Site C

        Site C

        VPN to Site A also routes traffic for Site B

        Hopefully that makes some sort of sense.