I realize that transmitting packets over IPsec can blow your mind. But help me put my brain back together.
I have 3 routers A, B and C connected in OSPF. Each has a valid routing table:
Code:
K <----> (internet) <---> A <---> B <---> C
I connect computer K from the Internet to router A via IPsec and everything works fine until router C connects via IPsec (don't ask why) to router A. I understand why router C no longer responds to the computer K via routing addressing (because IPsec distributes addresses to all devices from one subnet). But I cannot understand why router B stops responding to the computer K (if the query source is a subnet distributed by IPsec). Please help me understand.
Policies on router A:
Code:
 #      PEER   TUNNEL  SRC-ADDRESS  DST-ADDRESS     PROTOCOL  ACTION   LEVEL   PH2-COUNT
 0 T *                 0.0.0.0/0    172.20.1.0/24   all
 1 DA   peer1  yes     0.0.0.0/0    172.20.1.5/32   all       encrypt  unique  1
 2 T                   0.0.0.0/0    172.30.1.0/24   all
 3 DA   peer1  yes     0.0.0.0/0    172.30.1.0/24   all       encrypt  unique  1
#1 is computer K
#3 is router C
Both templates have different groups, but both peers get an IP from the same subnet 172.20.1.0/24 by Mode Configs. So computer K gets, as you see, 172.20.1.5 and router C gets 172.20.1.21. 172.30.1.0/24 is the local subnet of router C.
Statistics: Posted by Zergling — Tue Jan 30, 2024 4:57 pm