I had a question asked of me today that I thought I knew the answer to, but, after thinking about it I wanted to get the thoughts of this sub...
So, Let's assume we have two devices.
Device "A" has an IP address of 10.192.193.40 with a mask of 255.255.0.0
Device "B" has an IP address of 10.192.192.40 with a mask of 255.255.255.0
I have an IPsec VPN setup between two sites that routes the full /24 of 10.192.192 to 10.192.193, and the full /24 of 10.192.193 to 10.192.192
My answer would normally be that in this case the IPsec rules are explicit, and only allow /24 traffic across - but the point was made that masking shouldn't matter here, and I was asked why the device "A" couldn't talk to device "B"
As I understand it, Device "A" should be able to talk to anything from 10.192.0.1 to 10.192.255.254, and as I understand it Device "B" should be able to talk to anything from 10.192.192.0 to 10.192.192.254
So - why couldn't Device A talk to Device B?
No comments:
Post a Comment