Community discussions

MikroTik App
 
Technetium
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 75
Joined: Sun Oct 16, 2016 10:56 pm

Routing between 3 sites using IPSec tunnels

Thu Jun 03, 2021 12:31 pm

I have 3 sites connected through an IPSec tunnel
Site A to Site B: 192.168.1.0/24 <--> 10.0.1.0/24
Site B to Site C: 10.0.1.0/24 <--> 172.20.10.0/24

How can I route the traffic from Site A to Site C through the IPSec tunnel?
 
Dude2048
Member Candidate
Member Candidate
Posts: 212
Joined: Thu Sep 01, 2016 4:04 pm

Re: Routing between 3 sites using IPSec tunnels

Thu Jun 03, 2021 1:17 pm

First of all, ipsec is not a routing protocol, it is a policy.
If you can ping all the addresses in your network you're ready to implement ipsec. So you have to solve that first.
Then https://wiki.mikrotik.com/wiki/Manual:I ... n_Examples

Menu ip -> ipsec
  • Configure peer
  • Configure identities
  • Check active peers
  • Configure proposals
  • Configure policies
  • Check policies if there active and check with ping / traceroute with source and destination ip to activate the policy
 
Technetium
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 75
Joined: Sun Oct 16, 2016 10:56 pm

Re: Routing between 3 sites using IPSec tunnels

Thu Jun 03, 2021 1:33 pm

Ipsec is already working.
But how can I setup the site A to reach the site C ?
 
Dude2048
Member Candidate
Member Candidate
Posts: 212
Joined: Thu Sep 01, 2016 4:04 pm

Re: Routing between 3 sites using IPSec tunnels

Thu Jun 03, 2021 1:36 pm

Can you post your configs?
Don't forget export hide-sensitive
 
Technetium
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 75
Joined: Sun Oct 16, 2016 10:56 pm

Re: Routing between 3 sites using IPSec tunnels

Thu Jun 03, 2021 4:55 pm

I think the case is clear without the export.
Site A connected over an IPSec to Site B and Site B connected over an IPSec to Site C.
 
ramirez
Member Candidate
Member Candidate
Posts: 144
Joined: Sun May 12, 2013 9:48 pm

Re: Routing between 3 sites using IPSec tunnels

Fri Jun 04, 2021 7:23 pm

In IP/Routes you will set Dst. address of the machine you wish to reach or the subnet and you will choose the appropriate gateway .

Who is online

Users browsing this forum: BinaryTB, Bing [Bot], Google [Bot], GoogleOther [Bot] and 68 guests