Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
mwakiz
Participant

route office mode through Ipsec tunnel (site to site)

Jump to solution

How do I route my office mode network through my site to site Ipsec tunnel to access resources in our remote offices?

1 Solution

Accepted Solutions
G_W_Albrecht
Legend
Legend
10 Replies
G_W_Albrecht
Legend
Legend

By adding these networks to your RA VPN Encryption Domain !

mwakiz
Participant
Thanks. Which network? office mode or the remote office one?
G_W_Albrecht
Legend
Legend

The target networks !

mwakiz
Participant
Let me rephrase my question:

I have users who are connecting to our network with SecureClient VPN 82.20.
The GW are on R77.
I am using Office Mode, the users are getting IP from the Office Mode pool and everything works fine when they are pointing to targets within our networks and all LAN resources are accessible.

Now, what I want to do is to also route them to another remote network thru site-to-site VPN that I've configured. The remote network is accessible from LAN.

How should I do that? What do I need to configure?
0 Kudos
G_W_Albrecht
Legend
Legend

A VPN client Encryption Domain, containing all nets that should be accessible. Go into Gateway > Network Management > VPN Domain > Set specific VPN Domain for GW Communities > Select the RA Community > Set > User Defined select a Network group created for this purpose.

Daniel_Hainich
Collaborator

hi, please help - i cant find the right place where i have to configure the RA vpn domain. daniel

G_W_Albrecht
Legend
Legend
G_W_Albrecht
Legend
Legend

Addition to the screenshot: This is R80.40, so you can select between different RA VPN communities. Up to R80.30, there was only one RA VPN community where the Domain could be set...

0 Kudos
Juan_Brion_Garc
Explorer

Hi G_W_Albrecht,

I have done that you propose, but it does not work.

As RA VPN domain, I have created a group including internal networks and also internal networks from some remote peers, and it does not work.

 

We can reach, trough RA internal resources but no IPSEC site to site resources on remote peers.

From internal LAN, we can access them.

 

0 Kudos
Juan_Brion_Garc
Explorer

Hi G_W_Albrecht,

We have tried that you proposed (including internal networks from remote peers, with a S2S VPN with our cluster, on RA VPN domain) but we cannot reach them.

We can reach them from internal LAN only.

regards

0 Kudos