This is my setup:
I have Router 1 in gateway mode, with R2 and R3 behind it, each handling one subnet.
Router 1 WAN = 10.1.1.1
LAN = 192.168.1.1 /24
Router 2 WAN = 192.168.1.2
LAN = 192.168.2.1 /24
Router 3 WAN = 192.168.1.3
LAN = 192.168.3.1 /24
I have static routes set up in R1 so that clients behind R2 can communicate with clients behind R3 and vice-versa. VNC sessions work, no problem. They can see web pages. Everything is lovely.
The problems happen when I introduce Router 4:
Router 4 WAN = 10.1.1.4
LAN = 192.168.4.1 /24
I have an IPSec VPN running between R1 and R4.
Clients behind R1 (192.168.1.xxx) can communicate with clients behind R4 (192.168.4.xxx), and vice-versa. But clients behind R4 cannot communicate with anything behind R2 or R3.
I can ping the WAN sides of R2 and R3 (because they reside on the subnet of R1), but if I try to ping anything behind R2 and R3, it doesn't work.
At first, I thought the problem was with R2 and R3, but I ran a tracert from R4 to the LAN side of R2, and saw from the results that R4 is kicking the packet out its WAN port.
How do I write a static route that makes R4 use the IPSec tunnel between itself and R1 to access clients on R2?
I'm inexperienced with static routes (Someone please explain Hop Count to me?), and I'm sure I'm screwing up something really obvious.