08-25-2013 11:28 AM
I have a multiisite hub and spoke VPN network. Is there any way to configure the end points to initiate the tunneling for the multiple subnets they are carrying, without traffic being geneterated to each subnet. IE. site a is 1.1.1.1 site b is 2.2.2.2, and so on, hq is 10.10.10.10. Each site routes to each other site through the main vpn tunnel to hq, but, they cannot talk to each other, unless each site tries talking to the others as well, IE if A pings 2.2.2.2 it will not respond until B pings 2.2.2.2, and then they talk fine. Any help or ideas?
08-25-2013 12:07 PM
Hello Matthew,
What kind of VPN are you using?
Based on the description you provide us it looks like a particular site has a Dynamic IP address so the other host does not know who the peer is, so until the peer inittiates the VPN it will then know who it is,
For more information about Core and Security Networking follow my website at http://laguiadelnetworking.
Any question contact me at jcarvaja@laguiadelnetworking.com
Cheers,
Julio Carvajal Segura
08-25-2013 12:29 PM
The vpns are site to site, each of the spokes connect directly to the hub. Each spoke is a dynamic ip with the hub being static. each spoke only has one vpn peer and that is the hub, and the "main" subnet at the hub is tunneled immediately when the settings are applied in the VPN, but the hub has itself 3 subnets. I have to initiate traffic from the spoke to the other subnets to get them to tunnel. which is in line with having to initiate traffic from spoke to spoke across hub, except in that case, not until the other spoke initiates traffic back, does the routing and traffic flow.
I can provide diagrams and configs if needed, to assist.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide