Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
322
Views
0
Helpful
1
Replies

Can't reach VPN Sub-Sub Net

pperez1900
Level 1
Level 1

‎03-11-2013 04:17 PM

Hello. I have a configuration like the next diagram:

The FW is Linux Firewall. The IPsec tunnel is working, I can ping PC2 from PC1 and viceversa. I also can ping PC0 from PC1 thanks to a Firewall rule and an static route in Router1 that tells the router that he can access subnet 172.26.1.0  trough 172.26.2.2. I can ping from  PC0 to PC2.The problem is that I can't ping PC0 from PC2. I've added a rule in the firewall for the subnet 172.26.3.0 and a staic route in the Router2 to reach the subnet 172.26.1.0 trough the IP 172.26.2.2 but it isn't working. If anyone has some recomendation or experience with this type of implementation I'd appreciate the help. Thanks.

PING PROBE

PC1 to PC2 OK

PC2 to PC1 OK

PC0 to PC1 OK

PC0 to PC2 OK----- It works because the ping arrives to PC2 with the address 172.26.2.2 (Firewall IP)

PC1 to PC0 OK

PC2 to PC0  X----- Here's the problem

Again, thank you for your help.

Labels:
0 Helpful
1 Reply 1

pperez1900
Level 1
Level 1

‎03-17-2013 07:28 AM

I did NAT translations, sent traffic to addresses of the 172.26.2.0 subnet and redirected to addresses of the 172.26.1.0 subnet.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents