If you have an internal network reachable over a local link or a static route,
do you think that traffic to that network will always be
prioritized?
WRONG!
If the same net is also included in a supernet that goes over an IPSec tunnel, traffic will hit the tunnel first.
So for example:
You have 10.123.123.0/24 internally (let's say it's a client net at a co office)
and
10.123.0.0/16 is pointed over to the mighty big router at HQ over IPSec.
The above scenario will not work, since traffic is routed over the VPN tunnel first.
The solution so far seems to be to use OpenVPN to connect instead of IPSec, sad but true.
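
The overlap described above can be found before it breaks traffic. This Python check is an added example, not part of the original post; it assumes a policy-based IPSec setup where tunnel selectors are matched before the routing table (the behaviour the post describes), and the function names are hypothetical.

```python
import ipaddress

def shadowed_routes(local_routes, ipsec_selectors):
    """List (local_net, selector, kind) where a tunnel selector overlaps a local route."""
    hits = []
    for route in local_routes:
        net = ipaddress.ip_network(route)
        for selector in ipsec_selectors:
            sel = ipaddress.ip_network(selector)
            if net.version != sel.version or not net.overlaps(sel):
                continue
            # "full": every address of the local net is pulled into the tunnel
            kind = "full" if net.subnet_of(sel) else "partial"
            hits.append((str(net), str(sel), kind))
    return hits

def egress(dst, local_routes, ipsec_selectors):
    """Model the forwarding decision: IPSec selectors first, then longest prefix."""
    addr = ipaddress.ip_address(dst)
    for selector in ipsec_selectors:
        if addr in ipaddress.ip_network(selector):
            return ("ipsec", selector)
    matches = [n for n in map(ipaddress.ip_network, local_routes) if addr in n]
    if matches:
        best = max(matches, key=lambda n: n.prefixlen)
        return ("route", str(best))
    return ("default", None)

if __name__ == "__main__":
    # Networks from the post; the host address is constructed for the example.
    local = ["10.123.123.0/24"]
    tunnel = ["10.123.0.0/16"]
    for net, sel, kind in shadowed_routes(local, tunnel):
        print(f"{net} is shadowed ({kind}) by IPSec selector {sel}")
    print(egress("10.123.123.50", local, tunnel))   # tunnel wins despite the /24
    print(egress("10.123.123.50", local, []))       # without the tunnel, the /24 wins
```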