AnsweredHot!Please Help: connect 2 site to site VPN tunels

Author
vedranOP
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2017/04/21 06:20:54
  • Status: offline
2021/10/07 00:50:26 (permalink)
0

Please Help: connect 2 site to site VPN tunels

Hi,
 
I have the following scenario:
Site A: 10.149.3.0/27
Site B: 192.168.0.0/24
Site C:  172.31.10.140/20
Site A and Site C must cummunicate.
FG is located in site B.
On FG in sTie B Site to site VPN A<->B and B<->C is configured.
Site to site VPN A-B uses NAT with following configuration:


External IP Range172.31.254.9 - 172.31.254.14Internal IP Range192.168.0.1 - 192.168.0.254 
Can please assist how to make A<->C communication. Thank you!
#1
sw2090
Expert Member
  • Total Posts : 1022
  • Scores: 85
  • Reward points: 0
  • Joined: 2017/06/14 01:27:25
  • Location: Regensburg
  • Status: offline
Re: Please Help: connect 2 site to site VPN tunels 2021/10/07 04:25:21 (permalink) ☼ Best Answerby vedranOP 2021/10/07 04:45:42
0
Basically this means:
 
there is no S2S VPN (or vpn at all) from A to C, so the only way fro A to C is through B.
This means:
1. the Gw on Site A has to know a route for C that has the FGT at B as Gateway.
2. the FGT on Site B has to know a route for C over the S2S  and also back to A (might already be there with the S2S, since required for commnication B<->C too).
3. the FGT on Site B has to have a policy that allows traffic from A to C to flow coming from S2S A<-> B and going to S2S B<->C
4. the Gw on Site C has to know a route back to A with FGT at B as Gateway
 
I currently don't know if our NAT affects anything in here as I don't use NAT on S2S Tunnels here.

I thus have a similar case here:
 
I got a Webservice that only allows access from our wan IPS at HQ. So all Sites have to access this via us.
So this has to go from Site <= S2S => HQ <= SDWAN => Website. Since in routing and polcies that's all down to interfaces that is basically the same...

-- 
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
#2
Jump to:
© 2021 APG vNext Commercial Version 5.5