Hello list,
I need to provide internet access through a proxy server on a central
office to a remote Lan on a branch office (LAN-B). Also there is an
internal server
that LAN-B machines should reach.
Below there is a simple diagram.
Right now I have an IPsec VPN tunnel between offices, and LAN-B can
acces LAN-A machines without problems. But LAN-B machines can't access
the remote proxy or the internal server on a different LAN. Pings from
a LAN-B PC
to the PROXY server actually reach the proxy but answers get stuck on
the VPN-Gateway-A.
VPN-Gateway-A says to the proxy server that network LAN-B is unreachable.
I am really confused. Both, router and VPN-Gateway-A knows how to
reach LAN-B machines. I think that this behavior is due to the fact
that VPN tunnel is up only for packets between LAN-A and LAN-B, so
packets from the proxy
server (on a different LAN) doesn't get routed to the tunnel. And
since this, VPN-Gateway-A doesn't know how to reach LAN-B.
All routers, proxy and VPN gateways are Centos based PCs. VPN gateways
have Centos IPSEC implementation.
Maybe IPsec is not appropriate on this case. Maybe openvpn fits better.
[internet]
|
(proxy) (internal server)
|
[LAN]
|
(router)
|
[LAN-A]
|
((VPN-Gateway-A))
|
[wifi link]
|
((VPN-Gateway-B))
|
[LAN-B]
Hope it is clear enough.
--
Mr. Vandeley.
