[strongSwan] Connect to one site through another

Michael Schwartzkopff ms at sys4.de
Thu Jul 14 08:32:39 CEST 2022


On 14.07.22 03:27, VTwin Farriers wrote:
> It's been a while since I've had time to work on this so I am circling back in the hopes someone can help me.
>
> I have 3 sites, A B and C. Each has its own subnet, 192.168.A.x/24, 192.168.B.x/24 and 192.168.C.x/24
>
> Site A and Site C both connect to Site B. This is all working well.
>
> Site A needs to be able to talk to Site C's subnet. However, Site A cannot directly connect to Site C. Traffic to Site C is restricted to certain subnets so while Site B can communicate with Site C, Site A cannot.
>
> I would like to route traffic from Site A for Site C through Site B and conversely have Site C be able to talk to Site A's subnet. Is there a way I can change my swanctl.conf file to allow this?
>
> I tried adding C's subnet to the local and remote_ts configuration for Sites A and B, but this did not work.
>
> Can I accomplish what I am attempting to do w/ strongswan?


Just add the site-c subnet to the tunnel of A-B.


Also see:

https://blog.sys4.de/routing-based-vpn-with-strongswan-de.html

https://blog.sys4.de/routing-based-vpn-with-strongswan-ii-de.html



Kind regards,

-- 

[*] sys4 AG
  
https://sys4.de, +49 (89) 30 90 46 64
Schleißheimer Straße 26/MG,80333 München
  
Registered office: Munich, District Court of Munich: HRB 199263
Executive board: Patrick Ben Koetter, Marc Schiffbauer, Wolfgang Stief
Chairman of the supervisory board: Florian Kirstein
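
Added example, not part of the original message and not taken from the linked posts: the traffic selectors for the A-B and B-C tunnels when Site A reaches Site C through Site B. The connection names and gateway host names are hypothetical, the `192.168.A/B/C` placeholders are the ones used in the question, and it assumes IKEv2 and that Site C's side may also be changed to accept Site A's subnet.

```conf
# --- Site A: swanctl.conf (peer is Site B) ---
connections {
    a-to-b {
        # IKEv2 is assumed; IKEv1 takes only one subnet per child
        version = 2
        # hypothetical gateway name
        remote_addrs = gw-b.example.net
        # local { } and remote { } auth sections: unchanged from the working tunnel
        children {
            net {
                local_ts  = 192.168.A.0/24
                # Site C is reached through B, so B "owns" it on this tunnel
                remote_ts = 192.168.B.0/24,192.168.C.0/24
            }
        }
    }
}

# --- Site B: swanctl.conf (peers are Site A and Site C) ---
connections {
    b-to-a {
        version = 2
        remote_addrs = gw-a.example.net
        children {
            net {
                # must mirror Site A's remote_ts exactly
                local_ts  = 192.168.B.0/24,192.168.C.0/24
                remote_ts = 192.168.A.0/24
            }
        }
    }
    b-to-c {
        version = 2
        remote_addrs = gw-c.example.net
        children {
            net {
                # A's subnet is presented to C as local to B
                local_ts  = 192.168.B.0/24,192.168.A.0/24
                remote_ts = 192.168.C.0/24
            }
        }
    }
}

# --- Site C mirrors b-to-c ---
#   local_ts  = 192.168.C.0/24
#   remote_ts = 192.168.B.0/24,192.168.A.0/24
# Site B forwards between the two tunnels, so it needs net.ipv4.ip_forward=1.
```

After `swanctl --load-all` on each gateway, `swanctl --list-sas` shows the traffic selectors that were actually negotiated; a selector pair that appears on one peer but not the other is the usual reason the extra subnet carries no traffic.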


