<div dir="ltr">You need to configure routing.<div><br><div>* Clients on 10 network must know that 192.168.30.1 is reachable via 192.168.20.1. You must add appropriate record to their routing tables.</div><div>* 192.168.20.1 must have forwarding enabled. If it has firewall, it must also allow forwarding between these networks.</div><div>* 192.168.30.1 must know that clients in 192.168.10.0 is reachable via 192.168.20.1. You must add appropriate record to it's routing table.
</div><div><br></div><div>Alternatively, you could implement source NAT on 192.168.20.1. </div><div>In this case 192.168.30.1 may be left unaware about clients because all connections to it will "look like" connections from 192.168.20.1.</div><div>Not all protocols may go through nat nicely and also 192.168.30.1 would not be able to connect to it's clients (only "answer" their connections).</div><div></div><div><br></div><div>Ilya.</div><div><br></div><div><br></div><div><br></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Fri, Nov 15, 2019 at 11:11 PM <a href="mailto:guega@guega.de">guega@guega.de</a> <<a href="mailto:guega@guega.de">guega@guega.de</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF">
<p>This is the requested scenario:</p>
<p>There is a SITE-TO-SITE VPN connection between <a href="http://192.168.10.0/24" target="_blank">192.168.10.0/24</a>
network and a destination network <a href="http://192.168.20.0/24" target="_blank">192.168.20.0/24</a>.<b><br>
Client 192.168.10.1 can ping server 192.168.20.1 in the
<a href="http://192.168.20.0/24" target="_blank">192.168.20.0/24</a> network</b><br>
</p>
<p>The remote <b><a href="http://192.168.20.0/24" target="_blank">192.168.20.0/24</a></b> network has a working
SITE-TO-SITE VPN connection with the network <b><a href="http://192.168.30.0/24" target="_blank">192.168.30.0/24</a>.</b><b><br>
Users in the <a href="http://192.168.20.0/24" target="_blank">192.168.20.0/24</a> network can ping Server
192.168.30.1 in the <a href="http://192.168.30.0/24" target="_blank">192.168.30.0/24</a> network.</b></p>
<p>Is there a possibility to let client 192.168.10.1 ping server
192.168.30.1 in the <a href="http://192.168.30.0/24" target="_blank">192.168.30.0/24</a> network?<br>
How do I even route the traffic for <a href="http://192.168.30.0/24" target="_blank">192.168.30.0/24</a> through the
tunnel to the <a href="http://192.168.20.0/24" target="_blank">192.168.20.0/24</a> network.<br>
<br>
Sadly a direct VPN connection between <a href="http://192.168.10.0/24" target="_blank">192.168.10.0/24</a> and
<a href="http://192.168.30.0/24" target="_blank">192.168.30.0/24</a> is not an option due to some business related
reasons.<br>
"Ping" stands for Client/Server Communication. <br>
</p>
<p>Any advise would be very welcome.<br>
</p>
<p><br>
</p>
</div>
</blockquote></div>