Friday, April 2, 2021

Multiple networks over IPSec tunnel, but not all networks should be able to communicate with each other

I want to send 2 pairs of networks at either side over an IPSec tunnel. But both pairs of networks should not be able to interact with each other:

Site1 —> Site2;

Pair 1: 192.168.10.0/24 —> 192.168.11.0/24;

Pair 2: 192.168.20.0/24 —> 192.168.21.0/24;

So for example 192.168.10.0/24 needs to be able to reach 192.168.11.0/24 at site 2, but not 192.168.21.0/24.

To accomplish this, should I make 2 IPSec tunnels? Or 1 tunnel with multiple phase2 selectors?
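Whichever layout is chosen, the property the post is asking for comes down to traffic selectors: a flow is carried by a child SA only when its source and destination both fall inside that selector's local and remote networks. The following is an added example, not part of the original post, that models the two selectors named in the question as a policy table and audits sample flows against it; the selector names, the sample addresses and the deliberately over-broad comparison selector are constructed for illustration.

```python
"""Added example (not from the original post): model phase-2 traffic
selectors as a policy table and check which site-to-site flows each
selector covers. Flows matched by no selector are not carried by the
tunnel's child SAs, so whether they are dropped or routed in the clear
depends on the device's SPD default and firewall policy (assumption:
that is what the audit should surface)."""
import ipaddress
from typing import Dict, List, Optional, Tuple

Selector = Tuple[str, str, str]  # (name, local network, remote network)
Flow = Tuple[str, str]           # (source address, destination address)

# Constructed policy table: the two narrow phase-2 selectors from the post.
NARROW_SELECTORS: List[Selector] = [
    ("pair1", "192.168.10.0/24", "192.168.11.0/24"),
    ("pair2", "192.168.20.0/24", "192.168.21.0/24"),
]

# Constructed counterexample: one aggregate selector covering both sites.
# It also carries the cross-pair traffic, which is what the post wants to avoid.
BROAD_SELECTORS: List[Selector] = [
    ("all", "192.168.0.0/16", "192.168.0.0/16"),
]


def matching_selector(src: str, dst: str,
                      selectors: List[Selector]) -> Optional[str]:
    """Return the name of the first selector whose local/remote networks
    contain src/dst, or None if no selector covers the flow."""
    s = ipaddress.ip_address(src)
    d = ipaddress.ip_address(dst)
    for name, local, remote in selectors:
        if s in ipaddress.ip_network(local) and d in ipaddress.ip_network(remote):
            return name
    return None


def audit(flows: List[Flow],
          selectors: List[Selector]) -> Dict[Flow, Optional[str]]:
    """Map each flow to the selector that would carry it (None if none)."""
    return {(src, dst): matching_selector(src, dst, selectors)
            for src, dst in flows}


def uncovered(flows: List[Flow], selectors: List[Selector]) -> List[Flow]:
    """Flows no selector matches: these never enter a child SA and rely on
    the firewall policy, not the tunnel, for enforcement."""
    return [f for f, name in audit(flows, selectors).items() if name is None]


# Constructed sample flows: the two intended pairs plus both cross-pair flows.
FLOWS: List[Flow] = [
    ("192.168.10.5", "192.168.11.9"),   # pair 1, should be carried
    ("192.168.20.5", "192.168.21.9"),   # pair 2, should be carried
    ("192.168.10.5", "192.168.21.9"),   # cross pair, should not reach site 2
    ("192.168.20.5", "192.168.11.9"),   # cross pair, should not reach site 2
]

if __name__ == "__main__":
    for label, table in (("narrow", NARROW_SELECTORS), ("broad", BROAD_SELECTORS)):
        print(f"--- {label} selectors ---")
        for (src, dst), name in audit(FLOWS, table).items():
            print(f"{src} -> {dst}: {name or 'no selector'}")
        print("uncovered:", uncovered(FLOWS, table))
```

With the narrow table, the two cross-pair flows fall outside every selector, which is the desired outcome; with the broad table, nothing is uncovered and the cross-pair traffic is encrypted and delivered just like the intended pairs. The same check applies whether the selectors live in two separate tunnels or as multiple phase-2 entries in one, since in both cases it is the selector, not the tunnel count, that decides which flows are carried.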
