Static Route to reach remote router (over a VPN).



  • Hi to all, I need your help to make my scenario work.

    I have this

    LAN1---------JUNIPER-SSG5------( VPN TUNNEL )------LINKSYS-RV082----------LAN2.

    LAN1 has 192.168.215.0/24
    LAN2 has 198.117.63.0/24  (I'm not using standard private addresses, but it works)

    When setting up the tunnel I defined a static route in the Juniper like this.

    IP/Netmask        Gateway       Interface  Protocol  Preference  Metric  Vsys  Configure
    198.117.63.0/24                 tunnel.1   S         20          1       Root  Remove

    Then I can see all hosts in LAN2, VPN works fine.

    But I have a firewall in LAN2 (198.117.63.10), and behind this firewall I have another subnet, LAN3.

    How can I define a static route in the Juniper to indicate that all traffic to LAN3 must be sent through 198.117.63.8?

    I have defined these rules, but none seems to work.

    IP/Netmask        Gateway       Interface  Protocol  Preference  Metric  Vsys  Configure
    198.117.62.0/24                 tunnel.1   S         20          1       Root  Remove
    198.117.62.0/24   198.117.63.8  tunnel.1   S         20          1       Root  Remove

    Richard



  • You need to add a static route on LAN1 to send traffic to LAN3 over the tunnel interface.
    So you just need
    "198.117.62.0/24                  tunnel.1          S          20          1          Root    Remove"
    and not "198.117.62.0/24  198.117.63.8  tunnel.1          S          20          1          Root    Remove"

    Just to make sure, tunnel.1 is the tunnel interface between LAN1 and LAN2, correct?
    Also, the LAN3 firewall will need a route to LAN1 or src-NAT on its egress interface.

