Is it possible to route between remote networks over IPSEC tunnels?


#1

Hi folks,

I have a Balance 580 at my HQ office, with three IPSEC tunnels up, to three different AWS regions. The tunnels are working great, and I can route traffic back and forth over them just fine. I am however, having trouble using the peplink to route travel between the AWS networks.

The three working tunnels are:

10.5.0.0/16 <-> 10.248.0.0/16
10.5.0.0/16 <-> 10.249.0.0/16
10.5.0.0/16 <-> 10.250.0.0/16

If I add one of the tunnel endpoint networks as a local network for another tunnel, traffic flows between the two remote networks, but stops going between the HQ and the remote one.

For example when I set:

10.5.0.0/16, 10.249.0.0/16 <-> 10.248.0.0/16
10.5.0.0/16, 10.248.0.0/16 <-> 10.249.0.0/16

Traffic works between the 10.248 and 10.249 networks, but neither of them can hit the HQ network (10.5.0.0/16).

Has anyone got this sort of thing to work? Or is there some setting I’m missing?

Thanks!


#2

Hi,

I tested 3 sites can communicate with each other. 3 sites are using Balance router. Diagram as below:-

Branch1, 192.168.2.0/24 <—IPSec—> HQ, 192.168.1.0/24 <—IPSec—> Branch2, 192.168.50.0/24

HQ to Branch1


HQ to Branch2


Branch1


Branch2


Hope this help.