You have either to sum up some subnets and use a larger subnetmask at the mainoffice or build parallel tunnels. If you tell me the 3 subnets of all locations I can tell you what's easier to do and how to do it. I have a 10 location setup that is running like this. All sublocations connected through the mainoffice. Routing won't help you across VPNs as the traffic won't match the tunneldefinition.
Holger > -----Original Message----- > From: Rob Evers [mailto:[EMAIL PROTECTED] > Sent: Tuesday, September 26, 2006 10:42 AM > To: Rob Evers > Cc: support @ pfsense. com > Subject: [pfSense Support] Re: Routing and VPN tunnels > > > Rob Evers wrote: > > Hi All, > > > > I have a problem with routing and IPSEC VPN tunnels, attached is a > > picture of the setup. There is a firewall cluster in the > main office, > > the firewalls in the branch offices all connect through > IPSEC with the > > main office. > > > > So A <-> B is a IPSEC tunnel and A <-> C is a IPSEC tunnel, this all > > works, I can reach the LAN of the main firewall from the > clients and the > > other way around, so far no surprises. What I want is that > clients from > > the branches can reach each other, so communication between > the LAN from > > B to C......... > > > > What routing enties should I setup to make this happen ? And is this > > possible at all ? > > > > thx! > > Rob > > > > > > > > > -------------------------------------------------------------- > ---------- > > > Sorry, I forgot to tell you the IPSEC tunnels terminate on the CARP > address of the firewall cluster (A). > > Rob > > -- > "Intellectual Property" is nowhere near as valuable as "Intellect" > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
