Hello,
is it me, or has something changed in the default IPsec site-to-site tunnel routing behavior?
Let's take an example:
Network1 (local): 192.168.1.0/24, gateway 192.168.1.254
Network2 (remote): 172.16.1.0/24, GW 172.16.1.254
Network3 (another remote network): 10.10.1.0/24
So, when I connect two networks, Network1 and Network2, with a site-to-site tunnel, I can do everything as usual and connect to resources on both sides.
And when Network3 comes to play, of course, I can connect to it from Network2, but if I want to connect from Network1:
I have to add that network to the local networks on Network2 and to the remote networks on Network1, AND previously I had to create a Policy Route, which routed connections to Network3 over the Network2 gateway.
However, currently, this seems to have changed.
If I disable the policy routing, I can still see packets going over Network2. Only after removing Network3 from the site-to-site IPsec rules does the traffic stop going over Network2 and actually go over the Network1 gateway.
What has changed?
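As an added illustration (not code from the original post, nor from any vendor's firmware), here is a small Python model of the lookup order the post describes for a policy-based IPsec tunnel: the traffic selectors (local networks x remote networks) are consulted first, and only packets that match no selector fall through to policy routes and then the main routing table. The topology is the one in the post; the tunnel peer name, the "direct" marker for the on-link network, and the policy route pointing Network3 at the Network2 gateway are constructed for the example.

```python
from ipaddress import ip_address, ip_network

# Constructed topology taken from the post.
NET1 = ip_network("192.168.1.0/24")   # Network1 (local)
NET2 = ip_network("172.16.1.0/24")    # Network2 (remote)
NET3 = ip_network("10.10.1.0/24")     # Network3 (another remote network)
GW1 = "192.168.1.254"                 # Network1 default gateway
GW2 = "172.16.1.254"                  # Network2 gateway (policy-route target)
PEER2 = "tunnel-to-Network2"          # hypothetical label for the Network2 IPsec peer

# Main routing table of a host in Network1: on-link prefix plus a default route.
MAIN_ROUTES = [(NET1, "direct"), (ip_network("0.0.0.0/0"), GW1)]
# Policy route the poster used to have: send Network3 traffic via the Network2 gateway.
POLICY_ROUTE_NET3 = [(NET3, GW2)]


def lookup_ipsec(src, dst, selectors):
    """Policy-based IPsec: the first (local, remote, peer) selector triple that
    matches src/dst captures the packet, whatever the routing table says."""
    for local, remote, peer in selectors:
        if src in local and dst in remote:
            return peer
    return None


def lookup_route(dst, policy_routes, routes):
    """Policy routes are consulted before the main table; inside each table
    the longest matching prefix wins."""
    for table in (policy_routes, routes):
        best = None
        for prefix, gw in table:
            if dst in prefix and (best is None or prefix.prefixlen > best[0].prefixlen):
                best = (prefix, gw)
        if best is not None:
            return best[1]
    return None


def egress(src, dst, selectors, policy_routes, routes):
    """Decide where a packet from src to dst leaves: the IPsec tunnel or a gateway."""
    src, dst = ip_address(src), ip_address(dst)
    peer = lookup_ipsec(src, dst, selectors)
    if peer is not None:
        return ("ipsec", peer)
    return ("route", lookup_route(dst, policy_routes, routes))


# Selector sets: Network1 <-> Network2 only, and the same plus Network1 <-> Network3.
SEL_NET2_ONLY = [(NET1, NET2, PEER2)]
SEL_WITH_NET3 = SEL_NET2_ONLY + [(NET1, NET3, PEER2)]
HOST1, HOST3 = "192.168.1.10", "10.10.1.20"


def with_selector_and_policy_route():
    """Old setup: Network3 in the selectors AND a policy route present."""
    return egress(HOST1, HOST3, SEL_WITH_NET3, POLICY_ROUTE_NET3, MAIN_ROUTES)


def with_selector_only():
    """Observed now: selectors alone send Network3 traffic into the tunnel."""
    return egress(HOST1, HOST3, SEL_WITH_NET3, [], MAIN_ROUTES)


def without_selector():
    """Network3 removed from the IPsec rules: default route to the Network1 gateway."""
    return egress(HOST1, HOST3, SEL_NET2_ONLY, [], MAIN_ROUTES)


def without_selector_with_policy_route():
    """No selector match, so the policy route is what steers Network3 traffic."""
    return egress(HOST1, HOST3, SEL_NET2_ONLY, POLICY_ROUTE_NET3, MAIN_ROUTES)


if __name__ == "__main__":
    for scenario in (with_selector_and_policy_route, with_selector_only,
                     without_selector, without_selector_with_policy_route):
        print(f"{scenario.__name__:38s} -> {scenario()}")
```

The point the model makes is that once a prefix is listed in the remote networks of a policy-based tunnel, the selector match alone pulls that traffic into the tunnel, so removing the policy route changes nothing while removing the selector changes everything. On a Linux-based gateway the installed selectors can be listed with `ip xfrm policy show` and the plain routing decision checked with `ip route get <dst>`; if the two disagree, the XFRM policy is what actually wins for matching traffic.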