network topology
    home network                                          remote network
                                ############
    3.3.3.3           1.1.1.1   #          #   2.2.2.2           4.4.4.4
    ---------------- router_a --# internet #-- router_b ----------------
    |                           #          #                           |
    |                           ############                           |
    3.3.3.2                                                      4.4.4.2
    |                                                                  |
    firewall_a                                                firewall_b
    |                                                                  |
    5.5.5.4                                                      7.7.7.4
    |                                                                  |
    |                                                                  |
    network_a                                                  network_b
    5.5.5.0/24                                                7.7.7.0/24
-----------------------------------------------------------------------------------------------------------------------
network_a
home network = 5.5.5.0/24
firewall dual homed
network facing static nic address = 5.5.5.4
virgin media router facing static nic address = 3.3.3.2
virgin media router static address = 3.3.3.3
virgin media dynamic wan address = 1.1.1.1
network_b
remote network = 7.7.7.0/24
firewall dual homed
network facing static nic address = 7.7.7.4
virgin media router facing static nic address = 4.4.4.2
virgin media router static address = 4.4.4.4
virgin media dynamic wan address = 2.2.2.2
both firewalls run ipsec
both routers are configured for vpn passthrough
--------------
network_a ipsec.conf
# ipsec.conf on network_a's firewall: three IKE/ESP rules towards network_b.
# Macros
# NOTE(review): "local_addr" and "remote_addr" are unfilled placeholders, not
# addresses; they must be replaced before these rules describe a real tunnel.
# NOTE(review): per the topology on this page the firewall itself owns 3.3.3.2;
# 3.3.3.3 and 1.1.1.1 belong to the router. Presumably local_gw should be the
# address configured on this host's external interface (3.3.3.2) -- confirm.
local_gw = "local_addr" # External interface
local_net = "5.5.5.0/24" # Local private network
# NOTE(review): the peer must be an address this firewall can reach across the
# internet. 4.4.4.4 and 4.4.4.2 sit behind router_b's NAT, so presumably this is
# router_b's WAN address (2.2.2.2), with router_b forwarding only IKE (UDP 500)
# and NAT-T (UDP 4500) to 4.4.4.2 -- confirm. That WAN address is described as
# dynamic, so a hard-coded value stops working when it changes.
remote_gw = "remote_addr" # Remote IPsec gateway
remote_nets = "7.7.7.0/24" # Remote private networks
# NOTE(review): none of the rules below sets psk, srcid/dstid or transforms, so
# authentication and crypto fall back to the daemon's defaults. With both
# gateways behind NAT, each side sees a translated peer address; peer identity
# should be pinned explicitly rather than inferred from the source address --
# verify against ipsec.conf(5) for the release in use.
# Set up the VPN between the gateway machines
# NOTE(review): rules naming gateway addresses may not mirror the peer's rules
# when both ends are NATed (each side knows the other by a different address)
# -- verify.
ike esp from $local_gw to $remote_gw
# Between local gateway and remote networks
ike esp from $local_gw to $remote_nets peer $remote_gw
# Between the networks
# This rule covers traffic between the two private LANs (5.5.5.0/24 and 7.7.7.0/24).
ike esp from $local_net to $remote_nets peer $remote_gw
-------------------
Q1: for my local_gw, should local_addr be 3.3.3.2, 3.3.3.3 or 1.1.1.1?
Q2: for my remote_gw, should remote_addr be 2.2.2.2, 4.4.4.4 or 4.4.4.2?