Destination routing (with policies)



  • Hi All

    I’m struggeling with a routing problem(incl policies). :mrgreen:

    My Issue is

    SiteA  SSG5 :  LAN 192.168.1.0/24  on trust-vr )
    Site B SSG140 LAN 11.12.13.0/24 on trust vr) ( Untrust-vr) LAN 10.1.1.0/24)

    Now,  there is a SIte to site vpn between Site A and Site B, and 192.168.1.0/24 can ping 11.12.13.0/24 Working!

    Site B routing and policies between the vr’s are also setup correctly, so 11.12.13.0/24 can ping 10.1.1.0/24 Working

    My problem is how to route from Site A’s 192.168.1.0/24 to Site B’s 10.1.1.0/24 inc policies  :?

    So before posting config etc, I would hear if someone could point me in the right direction?

    Thanks in advance

    Marcel



  • Hi Bobjp

    Thanks for the answer.

    I also had in mind, that it would only be the routing in the ssg140, but its not enough with a next hop to the untrust vr, but I will try it to night.

    somehow I think that I need a route and policy from the ssg5 over the vpn to the untrust vr lan…  but can’t seem to get it right…

    I’ll get back 😉



  • Sorry my answer was a bit out of point.

    The only thing you have to care about is inter VR routing and policy on SSG140, I think.



  • I don’t see any problems with the routing.

    Meaning, you can ping 192.168.1.0/24 can ping 11.12.13.0/24, right?

    so SSG140 routes the traffic from 192.168.1.0/24 to 10.1.1.0/24 via 11.12.13.0/24, as long as the routes and policies exist.


 

25
Online

38.4k
Users

12.7k
Topics

44.5k
Posts