So, I have Site A and Site B:
Site A: 10.0.1.0/24
Site B: 10.0.2.0/24 & 10.0.3.0/24
I can create an IPsec policy between the sites, like:
10.0.1.0/24 <=> 10.0.2.0/24
10.0.1.0/24 <=> 10.0.3.0/24
Both come up fine.
I then create a RAW rule (no track) for traffic, as such:
notrack 10.0.1.0/24 -> 10.0.2.0/24
notrack 10.0.1.0/24 -> 10.0.3.0/24
notrack 10.0.2.0/24 -> 10.0.1.0/24
notrack 10.0.3.0/24 -> 10.0.1.0/24
And no traffic flows to either net...
If I disable one of the Site B nets, traffic flows.
In a nutshell, I can get the sites connected and traffic flowing, but only to ONE of Site B's nets at a time. I can't get both running at the same time.
Any ideas what I am missing?