
2 sites with the same internal network, site-to-site IPsec

Hello everyone,
I would like to connect two sites using two UTMs.
UTM1 sits behind a Fritz!Box as exposed host (DynDNS) and UTM2 has a static IP on fiber.
Internally, both have the same network, 192.168.169.0.
I followed this guide:
The tunnel shows green.
UTM1 has 192.168.180.0
UTM2 has 192.168.190.0
The IPsec connection runs over that.
I created the 1:1 NAT according to the guide.
Nevertheless, I cannot reach any address at the other site.
So going from site 1 (192.168.169.1) to site 2 (192.168.169.230) is not possible,
and neither is the reverse.
I just can't find the error.
Thank you very much for your help!
Site 1:
Site 2:
Regards, Holger


  • (Sorry, too early to test my German this morning, haha)

    Interesting that you have a NAT. I have IPsec site-to-site set up as well and I didn't use any NAT and can connect to either side just fine. Have you tried without the NAT?

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)

  • Site-to-site is not a problem if both sites have different internal networks.
    Here, however, both sites have the same internal network.
    Therefore, fake networks were created for the IPsec.
    Hence the NAT; see the linked instructions.
    But still it does not work...

  • Did you try unchecking the 'Automatic Firewall rule'?  I seem to remember this being an issue on something I recently read about site-to-site.

    OPNSense 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | ATT Fiber 1GB
    (Former Sophos UTM Veteran, Former XG Rookie)
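
The addressing scheme described in this thread, as an added example that is not part of any post and not Sophos code: a small Python model of 1:1 NAT between two sites that share 192.168.169.0 and are presented to each other as 192.168.180.0 and 192.168.190.0. The /24 prefix length and the names `netmap` and `send` are assumptions made for illustration.

```python
import ipaddress

# Networks taken from the thread; the /24 mask is an assumption (none is given).
REAL_LAN = ipaddress.ip_network("192.168.169.0/24")  # real LAN at both sites
ALIAS = {
    "site1": ipaddress.ip_network("192.168.180.0/24"),  # how site 1 appears to site 2
    "site2": ipaddress.ip_network("192.168.190.0/24"),  # how site 2 appears to site 1
}

def netmap(addr, src_net, dst_net):
    """1:1 NAT: keep the host part of addr, swap the network prefix."""
    offset = int(ipaddress.ip_address(addr)) - int(src_net.network_address)
    return str(dst_net.network_address + offset)

def send(from_site, to_site, src, dst):
    """Trace one packet (hypothetical helper).

    Returns (source seen by the receiver, destination delivered to), or
    None when the packet never enters the tunnel.
    """
    dst_ip = ipaddress.ip_address(dst)
    # A destination inside the sender's own subnet is on-link: the host
    # resolves it with ARP on the local LAN and the gateway never sees it.
    if dst_ip in REAL_LAN:
        return None
    # Only traffic addressed to the peer's alias network matches the tunnel.
    if dst_ip not in ALIAS[to_site]:
        return None
    seen_src = netmap(src, REAL_LAN, ALIAS[from_site])    # SNAT on the sending side
    delivered = netmap(dst, ALIAS[to_site], REAL_LAN)     # DNAT on the receiving side
    return (seen_src, delivered)

if __name__ == "__main__":
    # Constructed sample traffic using the two hosts named in the thread.
    for dst in ("192.168.169.230", "192.168.190.230"):
        print(dst, "->", send("site1", "site2", "192.168.169.1", dst))
```

In this model a packet addressed to the peer's real 192.168.169.x address stays on the sender's LAN; the peer is reachable only through its alias address, and the receiver sees the sender's alias as the source.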