Solved

VPN connectivity

Posted on 2014-12-06
Last Modified: 2014-12-11
Here is my scenario:

3 sites: 192.168.3.x, 192.168.4.x & 192.168.5.x (site to site)

Sites 3.x and 4.x currently have a tunnel between them. Site 4.x only tunnels into site 5.x.

Note: there is no tunnel between 3.x and 5.x.

Is there a way to make devices in site 5.x communicate with devices in site 3.x without having to create a separate tunnel? And what do you recommend?
Question by:mwauki
7 Comments
 
LVL 4

Accepted Solution

by:
themightydude earned 500 total points
ID: 40485011
Yes, you can set up what you call a hub and spoke VPN setup.

So you have a core VPN router, firewall, whatever (Site 4) and everything else connects back to that.

What kind of firewalls / VPN devices do you have at each site?

Since everything connects back to site 4.x, you'll need to tell site 5 that site 3's network is available through site 4 and you'll need to tell site 3 that site 5's network is available through site 4.

So essentially you have your VPN tunnels and the destination network available across the VPN at Site 5 will be 192.168.3.x and 192.168.4.x

Then the destination networks available across the VPN from Site 3 to 4 is:
192.168.4.x and 192.168.5.x

Make sense?
0
 

Author Comment

by:mwauki
ID: 40485022
Devices are: Cisco ASA550 (site 3), Linksys (site 4) & Juniper (site 5)...

Thanks, TMD.

However, when you say "tell", what do you mean by that? Is there like an option within the devices that I need to enable? If you can..
0
 
LVL 4

Expert Comment

by:themightydude
ID: 40485033
By tell I mean, for example, on SonicWalls that I've set this up on we have a destination network object that is available across the VPN. So when we do a setup like this we put in that destination network object, whatever networks are available on the other side.

I'm not sure what the settings are on those 3 devices, but you need to modify the VPN on Site 3 and add site 5 as a destination and not just site 4. It needs to be site 4 and 5.

Site 5's VPN needs to have Site 4 and 3 as a destination through its VPN back to Site 4.

I'm not sure if the Linksys will actually route all that though, but I would think it could.
0

 

Author Comment

by:mwauki
ID: 40485139
Thanks, but I didn't want to create a tunnel between 3.x and 5.x...
0
 
LVL 4

Expert Comment

by:themightydude
ID: 40485204
You're not creating a tunnel between 3 and 5. You're simply routing traffic from 3 to 5 through 4, which you do have a tunnel with, and vice versa for 5 back to 3.

Your VPN tunnels are only between 3 and 4 and 4 and 5.
0
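The hub-and-spoke destination lists described in the answers above, worked through as an added example that is not part of the original thread and is not vendor configuration: it derives the local/remote networks (traffic selectors) each tunnel end needs and audits a configuration for missing or overly broad entries. The /24 masks, the site names and the `BEFORE` starting state are assumptions constructed for illustration.

```python
from ipaddress import ip_network

# LANs from the thread; the /24 masks are an assumption (the post only says "192.168.3.x").
SITES = {
    "site3": ip_network("192.168.3.0/24"),
    "site4": ip_network("192.168.4.0/24"),
    "site5": ip_network("192.168.5.0/24"),
}
HUB = "site4"  # the only site with a tunnel to both others


def required(sites=SITES, hub=HUB):
    """Selectors each tunnel end needs so spokes reach each other via the hub."""
    req = {}
    for spoke, lan in sites.items():
        if spoke == hub:
            continue
        others = {net for name, net in sites.items() if name != spoke}
        req[(spoke, hub)] = {"local": {lan}, "remote": others}
        req[(hub, spoke)] = {"local": others, "remote": {lan}}  # exact mirror
    return req


def audit(config, sites=SITES, hub=HUB):
    """List selectors that are missing or broader than the hub-and-spoke design needs."""
    findings = []
    for (dev, peer), want in required(sites, hub).items():
        have = config.get((dev, peer), {"local": set(), "remote": set()})
        for side in ("local", "remote"):
            for net in sorted(want[side] - have[side]):
                findings.append(f"{dev}->{peer}: missing {side} {net}")
            for net in sorted(have[side] - want[side]):
                findings.append(f"{dev}->{peer}: unexpected {side} {net}")
    return findings


def nets(*cidrs):
    return {ip_network(c) for c in cidrs}


# Constructed starting state from the question: each tunnel carries only its two endpoint LANs.
BEFORE = {
    ("site3", "site4"): {"local": nets("192.168.3.0/24"), "remote": nets("192.168.4.0/24")},
    ("site4", "site3"): {"local": nets("192.168.4.0/24"), "remote": nets("192.168.3.0/24")},
    ("site5", "site4"): {"local": nets("192.168.5.0/24"), "remote": nets("192.168.4.0/24")},
    ("site4", "site5"): {"local": nets("192.168.4.0/24"), "remote": nets("192.168.5.0/24")},
}

if __name__ == "__main__":
    print("\n".join(audit(BEFORE)))
```

The "unexpected" findings matter as much as the "missing" ones: the selectors act as an allowlist, so a catch-all entry on a spoke would send more than the 3.x/5.x traffic through the hub.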
 

Author Comment

by:mwauki
ID: 40485912
Thanks, Themightydude. Correct. I think my problem is that I have a Linksys in the middle (the 4.x) and I can't seem to find within Linksys the feature to do so, or unless I'm not looking at it correctly?
0
 

Author Closing Comment

by:mwauki
ID: 40495036
Thanks much for your time and effort...
0
