I believe others on the list actually do this. A-B tunnel is defined as 192.168.0.0/16 (hub site) to 192.168.1.0/24 (spoke) A-C tunnel is defined as 192.168.0.0/16 (hub site) to 192.168.2.0/24 (spoke)
C and B can communicate via A as the spoke networks are within the network defined for A. --Bill On 7/16/07, Chris Buechler <[EMAIL PROTECTED]> wrote:
David Wadson wrote: > It's probably possible - but will require control of all the endpoints > and some static routing. > > Endpoint at site B will need to know the route to site C (through site > A's gateway) > > Site C will need a static route for the traffic to flow back to site B > (though site A). If you can't do that, then in all likelihood the > replies will go out site C's default gateway and be lost. static routes with VPN don't work. The traffic has to match the SPD to traverse an IPsec connection, which means it needs to have a source and destination matching an existing connection. Routes don't change the source or destination and hence can't force traffic over the VPN. I'm not aware of any way to do what the original poster was asking with IPsec. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
