- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- WAN Routing
- >
- IPSEC VPN From MSR 2003 additional subnet
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-07-2018 10:11 PM - edited 02-07-2018 10:12 PM
02-07-2018 10:11 PM - edited 02-07-2018 10:12 PM
IPSEC VPN From MSR 2003 additional subnet
Has anyone been succesful in configuring additional remote subnet on an IPSEC tunnel on MSR 2003? I'm trying to add another subnet and route it through an existing VPN tunnel. F.e. this is the current state:
Site A Site B
1.010.1.0 <=ipsec=> 10.10.2.0
What I'm attempting to accomplish is add another subnet (f.e. 10.10.3.0) on Site B and route SiteA to it. On an ASA device I'd extend the network group with the new subnet and add appropriate ACL but I can't make my way here.
I did try to add static route for the new subnet (10.10.3.0) on the MSR 2003 but then I loose connectivity to 10.10.2.0. I guess I should be extending the flow if that's possible like so:
Flow:
sour addr: 10.10.1.0/255.255.255.0 port: 0 protocol: ip
dest addr: 10.10.2.0/255.255.255.0 port: 0 protocol: ip
dest addr: 10.10.3.0/255.255.255.0 port: 0 protocol: ip
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
02-09-2018 02:40 AM
02-09-2018 02:40 AM
Re: IPSEC VPN From MSR 2003 additional subnet
After some fiddling, I'm starting to think about object-groups and avoid creating another tunnel for the other subnet. IF object-groups can be defined within ipsec config. According to the manual remote address can be only:
remote-address { [ ipv6 ] host-name | ipv4-address | ipv6 ipv6-address }
and not object-group. Will have to try it out.