I have been racking my brain around a current networking project that I need to complete in the next few weeks while meeting the objectives below:
- Connect two different sub-nets (192.168.30.0/24 & 192.168.63.0/24) together at one of my locations to my Balance 380.
- Create an IPsec tunnel to a remote site for the 192.168.63.0/24 network to utilize. (I know this can be done with an Outbound policy, setting one for the path to utilize the IPsec tunnel).
- Isolate the IPsec tunnel from my network, only allowing access to the 192.168.63.0/24 network. The remote network already utilizes multiple sub-nets that I have currently deployed (and cannot change), and I do not wish to grant additional access to my LANs.
- I would like my sub-nets to have the ability to access the 63 network and vice-versa, but the IPsec tunnel traffic can only access the 63 network.
- Any proposed network equipment for building B preferably needs to take native DC power (either 12V, 24V, or 48V), as there is already an extensive DC power system with battery backup in place. The MAX-BR1-T is my current plan if a router is needed (cost effective).

I have attached two PDFs. One is the current physical network. The second (Thought1.pdf) is my current thought for the network layout, but I am not sure of the configurations needed to best accomplish this project. Thanks for any input the community may have.