Adity12
Contributor

How to make a VPN gateway capable of forwarding traffic from another VPN

Hi All,

Have a good day.

 

I have an issue with my lab environment. Currently I have set up my lab to deploy IPsec site-to-site VPN.

I have created 3 sites, and the plan is that site 1 can access site 2, but for site 3, site 1 must go through site 2 first, and then from site 2 directly to site 3.

 

For now site 1 is able to communicate with site 2, and all traffic will be encrypted. But site 2 to site 3 still has an issue: even with the explicit policy for VPN traffic only, I noticed the traffic still passes through the FW, not the VPN.

 

Maybe I lost or am missing a setting. If anyone has done this setup successfully, can you tell me?

Which part / config have I missed or gotten wrong?

 

Thanks, Regards

Dio Aditya Pradana

0 Kudos
3 Replies
G_W_Albrecht
Legend

Why this crippled configuration? Use Meshed Encryption Domain VPN!

CCSE CCTE SMB Specialist
0 Kudos
Wolfgang
Mentor

@Adity12 as @G_W_Albrecht wrote, keep it as simple as possible.

Another solution would be to use a star community with the gateway of site 2 as center and the others as satellites. Additionally, you have to enable VPN routing to get the traffic routed from site 1 to site 3 via site 2.


0 Kudos
G_W_Albrecht
Legend

Basic Site to Site VPN Configuration

CCSE CCTE SMB Specialist
0 Kudos