Community discussions

 
igpetkov
newbie
Topic Author
Posts: 42
Joined: Thu Oct 09, 2014 10:27 pm

Forwarding traffic

Sun Sep 01, 2019 12:22 pm

HI, All!
I have two officess- Main and Remote and I need to connect them.
In Main office there is IP PBX, Local servers and Network printer.
I need machines in Remote office to have Layer 2 connection to network in Main office and plan to connect them with EoIP tunnel and machines in Remote office to use DHCP from Main office router, but in same time all external traffic from machines in Remote Office to be directed to WAN of the Remote office and do not flow through EoIP tunnel.
I want only traffic to IP PBX, Local server and printers goes through EoIP tunnel.
Is there way to do that with Mangle rule or something else?
Thank You
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1364
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Randburg
Contact:

Re: Forwarding traffic

Sun Sep 01, 2019 11:38 pm

Personally, I would not use DHCP across the tunnel, if main site is down for long period, it will mean remote site internet access, local network printing, etc, will also be down.
Then issue DHCP from local routers and specify relevant gateway in scopes
MTCNA, MTCTCE, MTCRE & MTCINE
 
igpetkov
newbie
Topic Author
Posts: 42
Joined: Thu Oct 09, 2014 10:27 pm

Re: Forwarding traffic

Mon Sep 02, 2019 7:23 am

Thank You, CZFan!
Can you suggest other decision with layer 2 communication. At moment Remote router is connected with L2TP IPSec to Main and both router route internal traffic between then and external to their wans. Both routers have different lan network - main: 192.169.1.0/24 and Remote: 192.168.9.0/24.
But can't start printing from Remote location on printer in Main network.
Moreover IP phones connect to PBX throuh external IP.
 
User avatar
CZFan
Forum Guru
Forum Guru
Posts: 1364
Joined: Sun Oct 09, 2016 8:25 pm
Location: South Africa, Randburg
Contact:

Re: Forwarding traffic

Tue Sep 03, 2019 9:02 pm

You have not provided much info, and from what you have mentioned, I am not sure why L2 is a must. Both printing and VoIP can work across a L3 network.

So I would use IPSec site to site (IKE) VPN between offices, configure the phones as an "External Extension", but routed across the VPN link, i.e. point to internal IPs, not public IPs, same for printers
MTCNA, MTCTCE, MTCRE & MTCINE
 
User avatar
JohnTRIVOLTA
Member Candidate
Member Candidate
Posts: 197
Joined: Sun Dec 25, 2016 2:05 pm
Location: BG/Sofia

Re: Forwarding traffic

Tue Sep 03, 2019 9:43 pm

I use a similar configuration for L2 transparent connectivity. I use L2TP IPsec with BCP on bridges to the both sides. I usе DHCP on main office with address XX.XX.XX.1/24/respectively gateway for network/ with dhcp-pool from 2-99, and on remote office with address XX.XX.XX.254/24 /respectively gateway for network/ and dhcp-pool from 100-199 . Finaly i block dhcp discovery on L2TP link with bridge filter on both sides !

Who is online

Users browsing this forum: Bing [Bot] and 17 guests