static route through VPN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

static route through VPN

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
static route through VPN
static route through VPN
2015-06-25 15:26:08 - last edited 2021-08-21 04:55:44
Region : Argentina

Model : TL-ER6120

Hardware Version : V1

Firmware Version :

ISP :


I have a TL-ER6020 firewall product that I have setup with an IPSec VPN
between 2 sites. Site A <-> Site B

Site A : TL-ER6020 (192.168.0.0/24) with static route to 10.224.14.0/24 via
192.168.10.1 gateway address via WAN1 (hopefully through VPN on that
interface).

Site B : Cyberoam CR35wi (192.168.10.0/24) with working static route to WAN1
interface (192.168.51.1).

My aim is to get traffic from Site A through the VPN via static route to
Site B which will forward through WAN1 interface to network 10.224.14.0/24.
The static route for Site B is working for it's local subnet at present.

10.224.14.18 (destination address) -> Site A (192.168.0.1) -> (static route) -> VPN (WAN1) -> Site B (192.168.10.1) -> WAN1 (192.168.51.0) -> 10.224.14.0/24

Can traffic be routed through the VPN via static route or is there another
way to do it? Or is it not possible with the TL-ER6020?
  0      
  0      
#1
Options
9 Reply
Re:static route through VPN
2015-06-25 17:27:25 - last edited 2021-08-21 04:55:44
  0  
  0  
#2
Options
Re:static route through VPN
2015-06-25 17:47:39 - last edited 2021-08-21 04:55:44
I have done that and the ticket has not been answered for 36 hours
  0  
  0  
#3
Options
Re:static route through VPN
2015-06-25 22:18:32 - last edited 2021-08-21 04:55:44
1. You need to provide a better diagram than that.

2. It looks like you have the destination network address on both LAN sides of both routers. If that's the case, routing will never happen.
  0  
  0  
#4
Options
Re:static route through VPN
2015-06-30 10:53:36 - last edited 2021-08-21 04:55:44
Image attached I hope this makes it clearer.


  0  
  0  
#5
Options
Re:static route through VPN
2015-07-01 01:10:31 - last edited 2021-08-21 04:55:44
I believe I understand what you are attempting. Correct me if I am wrong;
1. you have multiple networks attached to Router B?
2. Router B - cyberoam CR35wi (192.168.10.0/24) & (10.224.14.0/24) ?
3. you have one network attached to Router A that needs to connect to all networks on Router B?
4. Router A - TL-ER6020 (192.168.0.0/24)?

IPSec does not work by routing tables.
IPSec encapsulates/encrypts one network's packets (Intranet) for destination over unsecure networks (Internet) to another network (Intranet) then unencapsulates/decrypts packets. Then any internal static routes are used to route packets for different attached networks.

A rule for each network's packets is needed.

On Router A:
You would have to create a second tunnel IPSec Policy with the source network (Router A - TL-ER6020) 192.168.0.0/24 to destination network (Router B - cyberoam CR35wi) 10.224.14.0/24.

On Router B:
You would have to create a second tunnel IPSec Policy with the source network (Router B - cyberoam CR35wi) 10.224.14.0/24 to destination network (Router A - TL-ER6020) 192.168.0.0/24.
  0  
  0  
#6
Options
Re:static route through VPN
2015-07-02 08:36:15 - last edited 2021-08-21 04:55:44
Here is a more detailed map of the topology.





I am hoping to create a static route from 192.168.0.0 to direct traffic to the CR35wi (192.168.10.0/24) and it will in turn use its static route to forward to the destination at 10.224.14.0/24.
File:
static_routes.jpgDownload
  0  
  0  
#7
Options
Re:static route through VPN
2015-07-02 23:57:13 - last edited 2021-08-21 04:55:44
The diagram is missing some components;

Does, Router A (192.168.0.0/24) connect to Router B (192.168.10.0/24) via WAN 1 using IPSEC/VPN ?
Does, Router C (192.168.51/0) connect to Router B (192.168.10.0/24) via WAN 2 using IPSEC/VPN?
How do Router C (192.168.51/0) connect to Router D (10.224.14.0/24) ? IPSEC/VPN/LAN?

Send me a private message with details.
  0  
  0  
#8
Options
Re:static route through VPN
2015-07-03 15:57:16 - last edited 2021-08-21 04:55:44
Does, Router A (192.168.0.0/24) connect to Router B (192.168.10.0/24) via WAN 1 using IPSEC/VPN ? IPSEC/VPN
Does, Router C (192.168.51/0) connect to Router B (192.168.10.0/24) via WAN 2 using IPSEC/VPN? WAN2 (no VPN, private wide area network)
How do Router C (192.168.51/0) connect to Router D (10.224.14.0/24) ? IPSEC/VPN/LAN? Private LAN

This might be clearer -



  0  
  0  
#9
Options
Re:static route through VPN
2015-07-04 04:26:07 - last edited 2021-08-21 04:55:44

vpnrouter wrote

I believe I understand what you are attempting. Correct me if I am wrong;
1. you have multiple networks attached to Router B?
2. Router B - cyberoam CR35wi (192.168.10.0/24) & (10.224.14.0/24) ?
3. you have one network attached to Router A that needs to connect to all networks on Router B?
4. Router A - TL-ER6020 (192.168.0.0/24)?

IPSec does not work by routing tables.
IPSec encapsulates/encrypts one network's packets (Intranet) for destination over unsecure networks (Internet) to another network (Intranet) then unencapsulates/decrypts packets. Then any internal static routes are used to route packets for different attached networks.

A rule for each network's packets is needed.

On Router A:
You would have to create a second tunnel IPSec Policy with the source network (Router A - TL-ER6020) 192.168.0.0/24 to destination network (Router B - cyberoam CR35wi) 10.224.14.0/24.

On Router B:
You would have to create a second tunnel IPSec Policy with the source network (Router B - cyberoam CR35wi) 10.224.14.0/24 to destination network (Router A - TL-ER6020) 192.168.0.0/24.


Did you create the two IPSec Policies mentioned above?
  0  
  0  
#10
Options