Page 1 of 1

How to keep multiple subnets separated over tunnels ?

Posted: Thu Apr 23, 2015 3:03 pm
by ik3umt
Please , look at diagram :

Image

All 192.168 subnet have to communicate together , as well the 10.0 ones but separating 192 from 10

RIP learn routes immediately but each subnet can reach any other by routing

Can RIP be used with group of subnets ??

With a single WAN address on routerboard , a single GRE tunnel can be estabilished, can I route more subnets in a single tunnel keeping them separated ??

Should I use different solutions for tunneling/routing ??

Thank you

Re: How to keep multiple subnets separated over tunnels ?

Posted: Thu Apr 23, 2015 4:01 pm
by Sob
What about firewall? Take packets from/to tunnel, accept those from 10.* to 10.* and from 192.168.* to 192.168.* and reject the rest. Any problem with that?

Re: How to keep multiple subnets separated over tunnels ?

Posted: Thu Apr 23, 2015 4:52 pm
by ik3umt
So, a single GRE tunnel with RIP , where all is reachable from all and filtering subnets with firewall rules ??

Re: How to keep multiple subnets separated over tunnels ?

Posted: Thu Apr 23, 2015 5:02 pm
by TomosRider
This should be VLAN related topic.

Re: How to keep multiple subnets separated over tunnels ?

Posted: Thu Apr 23, 2015 5:49 pm
by ik3umt
I should avoid Vlan use,
I wonder if there is any possibility to build two tunnels over a single peer (wan ip address).....

Re: How to keep multiple subnets separated over tunnels ?

Posted: Thu Apr 23, 2015 5:58 pm
by rmmccann
I should avoid Vlan use,
I wonder if there is any possibility to build two tunnels over a single peer (wan ip address).....
I would just configure firewall rules on the two routers that have the tunnel. Let the data flow over the tunnel unhindered, and let the router's firewall rules decide what traffic is allowed where via the forward chain.

Re: How to keep multiple subnets separated over tunnels ?

Posted: Thu Apr 23, 2015 6:23 pm
by ik3umt
So i'll try that way...
Thanks