I have just configured an IPSEC VPN between our head office and one of our remote offices. The main purpose of this VPN is to route ALL traffic from the remote office via our head office and then on to the internet. This way we can control all traffic originating from the remote office from our firewall in the main office. However, this is only a temporary solution and we will eventually be installing a separate firewall in the remote office.
The problem I’m facing is that I cannot seem to find any information related to our setup. From what I understand IPSEC is mainly used to connect two offices, not used to route all traffic over it. The second problem I’m facing is that at the moment my two offices are using different subnets. At the remote office I have one subnet of 10.166.73.0/27 and at my main office I use 192.168.0.0/24. I was hoping to be able to use the same subnet at the remote office as I do in my main office. The reason I want to do this is because I have a “Captive portal” located at my main office. This “Captive portal” will only work in NAT-mode so I would like to use my router at the main office as a DHCP server for both offices.
At the moment my access-lists look like this:
Main office: permit ip 192.168.0.0 0.0.0.255 10.166.73.0 0.0.0.31
Remote office: permit ip 10.166.73.0 0.0.0.31 192.168.0.0 0.0.0.255
I was hoping to change the access-list on the remote office router to:
permit ip 10.166.73.0 0.0.0.31 0.0.0.0 0.0.0.0
in order to force all traffic over the VPN. Will this work or do I need to match that access-list on the router in the main office?
Hopefully this makes sense!
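An added example, not part of the original post: a small Python check that parses the access-list entries quoted above, using Cisco wildcard-mask semantics, and reports whether two peers' entries are mirror images and whether an entry really matches every destination. The function names and the `ALL_DEST` and `MAIN_ALL` entries are constructed for illustration.

```python
import ipaddress

def wildcard_to_network(addr, wildcard):
    """Convert an address plus wildcard mask (inverse netmask) to a network."""
    wc = int(ipaddress.IPv4Address(wildcard))
    if wc & (wc + 1):  # set bits must be contiguous from the low end
        raise ValueError(f"non-contiguous wildcard mask: {wildcard}")
    prefix = 32 - wc.bit_length()
    base = int(ipaddress.IPv4Address(addr)) & (wc ^ 0xFFFFFFFF)
    return ipaddress.IPv4Network((base, prefix))

def parse_ace(line):
    """Parse 'permit ip <src> <wildcard> <dst> <wildcard>' into (src, dst)."""
    tokens = line.split()
    if len(tokens) != 6 or tokens[:2] != ["permit", "ip"]:
        raise ValueError(f"unsupported entry: {line!r}")
    return (wildcard_to_network(tokens[2], tokens[3]),
            wildcard_to_network(tokens[4], tokens[5]))

def is_mirror(local_ace, peer_ace):
    """True when the peer entry is the local entry with source and destination swapped."""
    local_src, local_dst = parse_ace(local_ace)
    peer_src, peer_dst = parse_ace(peer_ace)
    return local_src == peer_dst and local_dst == peer_src

def matches_all_destinations(ace):
    """True only when the destination is 0.0.0.0/0, i.e. every address."""
    return parse_ace(ace)[1] == ipaddress.IPv4Network("0.0.0.0/0")

# Entries quoted in the post
MAIN = "permit ip 192.168.0.0 0.0.0.255 10.166.73.0 0.0.0.31"
REMOTE = "permit ip 10.166.73.0 0.0.0.31 192.168.0.0 0.0.0.255"
PROPOSED = "permit ip 10.166.73.0 0.0.0.31 0.0.0.0 0.0.0.0"
# Constructed for comparison: wildcard 255.255.255.255 matches any address
ALL_DEST = "permit ip 10.166.73.0 0.0.0.31 0.0.0.0 255.255.255.255"
MAIN_ALL = "permit ip 0.0.0.0 255.255.255.255 10.166.73.0 0.0.0.31"

if __name__ == "__main__":
    print("current pair mirrored:", is_mirror(MAIN, REMOTE))
    print("proposed destination:", parse_ace(PROPOSED)[1])
    print("proposed matches all:", matches_all_destinations(PROPOSED))
    print("ALL_DEST matches all:", matches_all_destinations(ALL_DEST))
    print("MAIN mirrors ALL_DEST:", is_mirror(MAIN, ALL_DEST))
    print("MAIN_ALL mirrors ALL_DEST:", is_mirror(MAIN_ALL, ALL_DEST))
```

In wildcard notation a mask of `0.0.0.0` means "match every bit", so the proposed entry's destination parses as the single address 0.0.0.0 rather than all destinations.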