HPE Networking
Showing results for 
Search instead for 
Do you mean 

Filtering ipSec traffic per-tunnel on a MSR router

Occasional Contributor

Filtering ipSec traffic per-tunnel on a MSR router

Hello,

 

I have a bunch of MSR900 routers connected to a MSR 30/20 (headquarter). At headquarter site, the ipSec tunnels are terminated on the WAN interface. How can I distinguish traffic coming from each of the ipSec interfaces from each other and from the traffic coming in from the WAN interface.

 

E.g. let's suppose the site A has 192.168.100.0/24, site B 192.168.200.0/24 and the headquarter 192.168.0.0/24 at the LAN side and 222.222.223.224 on the WAN. How can I prevent an IP 192.168.200.1 coming from the ISP (WAN) side and still allow just certain services from site A and some other services from site B?

 

Thanks,

 Damir