topic Re: SETTING SITE TO SITE VPN in General Topics

SETTING SITE TO SITE VPN

Junior — Fri, 27 Sep 2024 11:06:00 GMT

Hello everyone

I need help setting up a site-to-site vpn service. I have two Microtik routers on the front, each on a remote site A and B. The vpn s2s configuration between the two Microtik routers is OK and works correctly. the CP 3600 firewall is behind router A (see diagram). i can ping the ip address of router A's interface from my pc behind the cp, but i can't ping the port of router A's interface that participates in the vpn s2s tunnel with router B. i've created a route in the cp with the GW of the cp's interface that is connected to router A. but the pings to router B don't work. configuration of the GW on the cp: lan destination: 10.254.1.0/24; GW: 192.168.3.1;

thanks you

Re: SETTING SITE TO SITE VPN

AkosBakos — Fri, 27 Sep 2024 12:29:26 GMT

Hi @Junior

It is an offtopic, am I right? 🙂

The CP GWs are not participating as VPN GW-s

However can you ping from PC1 -> Microtik2 10.254.1.1?

What does #ip route get say on the CP3600 for 10.254.1.10?

Akos

Re: SETTING SITE TO SITE VPN

the_rock — Fri, 27 Sep 2024 13:54:43 GMT

Did you do any packet captures to see where that traffic goes?

Andy

Re: SETTING SITE TO SITE VPN

Junior — Sun, 29 Sep 2024 11:48:30 GMT

indeed an #ip route get 10.254.1.10, indicates the default route 172.16.10.2 which is the exit towards internet of the firewall. yes CP does not take part in the installation of the tunnel between the microtik. after having indicated the good route, all returned in order. Thanks for your help

Re: SETTING SITE TO SITE VPN

Junior — Sun, 29 Sep 2024 11:49:48 GMT

merci de m'avoir assisté

Re: SETTING SITE TO SITE VPN

the_rock — Sun, 29 Sep 2024 13:04:00 GMT

I dont speak French (which I probably should considering I live so close to Quebec lol), but I understood that 🙂

Best,

Andy

je vous en prie