Routing through BOVPN
Hi. I have a large network of 9 M200 firewalls. I have configured tunnel switching so that all sites communicate with each other through BOVPN, as per the article http://customers.watchguard.com/articles/Article/Use-tunnel-switching-to-route-VPN-traffic-between-Branch-Office-VPN-tunnels
All sites have 0 for external network and 1 for trusted network
All sites connect to primary site 1 for gateway (primary site only has static IP from ISP. All sites call the primary site)
I have 2 sites with optional interfaces that need to communicate from site 2 opt2 to site 3 opt 2 through the established BOVPN with primary site 1.
How can this be done? I added static routes but it does not work. Do I have to do the same in the BOVPN tunnel routes? This is consuming lots of BOVPN licenses in the primary firewall.
Comments
Remove the added static routes.
You need to define additional entries on your Tunnel setups to allow this access.
I believe that this is what you need.
Add an entry to site 2 with Local = site 2 optional subnet; Remote = site 3 optional subnet
Add an entry to site 3 with Local = site 3 optional subnet; Remote = site 2 optional subnet
Add an entry to site1 Tunnel to site 3, with Local = site 2 optional subnet; Remote = site 3 optional subnet
Add an entry to site1 Tunnel to site 2, with Local = site 3 optional subnet; Remote = site 2 optional subnet
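The four entries listed in the reply above can be checked offline before they are typed into each firewall. This is an added example, not part of the original thread and not WatchGuard code: it models the entries as (local, remote) pairs, verifies that each one is mirrored on the peer's side of the same tunnel, and traces the flow through the hub. The subnets are the ones given in the thread; the /24 masks and the `site1`/`site2`/`site3` labels are assumptions.

```python
from ipaddress import ip_network

# Subnets are from the thread; the /24 masks are an assumption.
OPT2 = ip_network("192.168.69.0/24")   # site 2 optional
OPT3 = ip_network("192.168.70.0/24")   # site 3 optional

# Networks directly attached to each firewall (only the ones relevant here).
ATTACHED = {"site2": [OPT2], "site3": [OPT3]}

# (firewall, peer) -> [(local, remote), ...], the four entries from the reply.
TUNNELS = {
    ("site2", "site1"): [(OPT2, OPT3)],
    ("site3", "site1"): [(OPT3, OPT2)],
    ("site1", "site3"): [(OPT2, OPT3)],
    ("site1", "site2"): [(OPT3, OPT2)],
}

def unmirrored(tunnels):
    """Entries whose peer lacks the swapped (remote, local) pair on the same tunnel."""
    return [(fw, peer, local, remote)
            for (fw, peer), routes in tunnels.items()
            for local, remote in routes
            if (remote, local) not in tunnels.get((peer, fw), [])]

def path(tunnels, attached, start, src, dst, limit=8):
    """Firewalls traversed by src -> dst traffic, or None if no entry matches."""
    hops, fw = [start], start
    while len(hops) <= limit:
        if any(dst.subnet_of(net) for net in attached.get(fw, [])):
            return hops                      # destination is local to this box
        nxt = [peer for (f, peer), routes in tunnels.items() if f == fw
               and any(src.subnet_of(l) and dst.subnet_of(r) for l, r in routes)]
        if not nxt:
            return None                      # no tunnel route covers this flow
        fw = nxt[0]
        hops.append(fw)
    return None                              # hop limit hit: routing loop

if __name__ == "__main__":
    print(unmirrored(TUNNELS))
    print(path(TUNNELS, ATTACHED, "site2", OPT2, OPT3))
    print(path(TUNNELS, ATTACHED, "site3", OPT3, OPT2))
```

An entry reported by `unmirrored` means the two ends of that tunnel disagree on the local/remote pair, so that pair will not come up until the peer carries the swapped entry.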
Hi Bruce,
You got the point. I understood what you said and I modified the configs accordingly.
Unfortunately, the new tunnels are inactive in the front panel system manager.
Check the 3 JPEGs of the VPN tunnels for site 1, site 2 and site 3.
site 2 optional int is 192.168.69.0
site 3 optional int is 192.168.70.0
site 1 connects site 2 and 3 as you said.
https://ibb.co/Prr4dZP
https://ibb.co/5GNSWv9
https://ibb.co/k9yZtNW
I recommend that you open a support incident so that a WG rep can review your setups.
Hi Bruce,
The above solution worked fine.
Thank you.