Community discussions

MUM Europe 2020
 
User avatar
mistiq
newbie
Topic Author
Posts: 37
Joined: Wed Oct 19, 2011 3:13 am
Location: Outside

IPsec Encription on Interface.

Wed Oct 19, 2011 4:24 am

I have network based on VPNs (GRE tunnel). I need to encrypt all traffic in tunnel not depends on his source and destinations.
For example:
I have site-to-site vpn between 2 routers (A and B)
Behind A i have stub lan A.
Behind B i have Proxy for my Internet connections.
Router A have 2 gre tunnel to router B over different ISP.
Router A have 2 default route in this tunnels with different metric.
I can`t make IPsec rule because i do not know destination for packet from lan A (traffic not going directly for Proxy and forward to Proxy matching firewall rule).
Possible be helpful - encrypt gre protocol on physical interface, but some routers have a dynamic IP`s and uses dyndns service to create the connection.
Image
Another example:
I have two backbone routers A and B with some VPN tunnel between it. And have some local network on both side.
I`ll add new lan, and i need to add ipsec`s rule fore each new network on both routers. It easy when i have only two routers but "If it is more more than.."?

Have idea how to help me in this?
Thank for answers!
K.i.s.S.

Who is online

Users browsing this forum: manasar and 87 guests