All Questions
11
questions
0
votes
0
answers
28
views
PFsense: fake subnet
I have got on IPSec tunnel mapping a remote 172.x/24 network to my local 10.x/16 network.
Because I cannot change the configuration on the remote site I need to use this like this (with 10.x/16 ...
- 73
2
votes
1
answer
202
views
How are `vti` and `xfrm` iproute2 interfaces supposed to be configured and used with xfrm states and policies?
XFRM states and policies enable configuring IPsec encryption without a virtual interface. The vti and xfrm interface types, however, I think make it possible to route traffic through a virtual ...
- 49
0
votes
0
answers
47
views
UDMP Wireguard Server + IPSec Site-to-site
We have a UDMP with a few VLANs : 10.92.10.0/24 , 10.92.41.0/24, 10.92.42.0/24
We have added a Wireguard server, which uses 192.168.4.0/24, and works wonderfully (clients can connect and access ...
0
votes
1
answer
22
views
IPSec S2S peer B host cannot receive ICMP reply or access host resources on peer A
I've got an IPSec S2S tunnel setup. The VPN is connected, tunnel established.
Here's the network topology:
(for reference, I am Peer A)
Problem:
host A pings host B and gets reply (this is not a ...
- 589
0
votes
1
answer
76
views
Creating an IP alias for a device on another subnet behind a VPN
I set up a site-to-site VPN with IPsec between two routers.
Router 1 (DLink DSR-250V2) controls the 11.11.11.0/24 subnet.
Router 2 controls the 192.168.1.0/24 subnet.
The tunnel itself works fine. ...
- 1
1
vote
0
answers
36
views
Routing specific subnet through a local peer
I have two (almost identical) Ubuntu machines with the local IP of 10.0.0.10 and 10.0.0.20, let's call them TEN and TWENTY respectively. Both have the default gateway of 10.0.0.1.
On TEN I have a site-...
- 11
0
votes
1
answer
2k
views
Single IP left subnet and routing traffic through tunnel in strongswan
I must set up an ipsec tunnel to use an external service provided by another company (so I have no control on the other side and can't change anything there). Let's say that:
192.168.0.0/24 is my ...
- 23
0
votes
0
answers
992
views
Setup static routes with Libreswan
We are using Libreswan to connect On-Premise network to Azure and BGP to advertise routes. But Azure BGP it's eBGP with 2 hops.
The use case it's:
a. setup IPSec tunnel
b. route Azure Peer IP via ...
- 101
0
votes
0
answers
288
views
IPSec VPN Routed LANs
Recently I changed from a home-run OpenVPN to a home-run Cisco (XAuth) IPSec VPN for more compatibility. However, I haven't found documentation on "pushing" routes from the IPSec server to clients. In ...
- 53
0
votes
1
answer
1k
views
Connection through VPN and another subnet
I'm a Java Developer and for a few weeks I'll be in charge of the network as well. A client of ours wants a VPN connection to his network which I already mounted (Using a TP-link router to stablish ...
- 1
24
votes
1
answer
35k
views
Does the traffic go through my company network when I browse when connected through SSL-VPN
I work for a company which is not in my country. The enterprise intranet is in a different country. We do not have many employees in my country - so everyone works from home. When we need intranet ...
- 583