E
E
Evgeny Vorobyov2020-11-18 15:29:44
openvpn
Evgeny Vorobyov, 2020-11-18 15:29:44

Is it possible to communicate with an internal openvpn network on another network via ipsec?

Good afternoon friends. Please help me with the following question.
There are 2 networks. xx1.0 and xx2.0. Are connected through ipsec among themselves (mikrotiki). On the xx2.0 network, there is a hypervisor running a virtual machine running debian with openvpn installed. Openvpn works through tun with internal network 10.8.1.0.
On Mikrotik xx2.1, I set up a routing line to network 10.8.1.0 via xx2.104 (virtual machine). On the xx2.1 network, the 10.8.1.x subnet pings successfully. How can I make it so that it was from under the xx1.0 network? The feint does not work as in the xx2.0 network, although Wirth from the xx1.0 network pings (like the entire neighboring network).

Answer the question

In order to leave comments, you need to log in

1 answer(s)
C
CityCat4, 2020-11-19
@CityCat4

In IPSec, instead of routes, there are policies. Write a policy that packets for such and such a network need to be encrypted and sent to such and such a gate, they will be decrypted on the gate and go through the local route table, if it contains an indication of where this packet should be put, they will put it there.

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question