I am struggling to get two different subnets routing along an IPsec tunnel.
The tunnel is between a Vyatta (6.5) and a Juniper firewall.
The tunnel was initially created to route between a subnet in our office behind the Vyatta (10.150.0.0/24) to a subnet in our offsite DR (10.250.0.0/24). However, I now also want to route another subnet in our office to the offsite DR (192.168.47.0/24).
I have added another tunnel on the Vyatta to allow this:
    tunnel 1 {
        allow-nat-networks disable
        allow-public-networks disable
        esp-group ***
        local {
            prefix 10.150.0.0/24
        }
        remote {
            prefix 10.250.0.0/24
        }
    }
    tunnel 2 {
        allow-nat-networks disable
        allow-public-networks disable
        esp-group ***
        local {
            prefix 192.168.47.0/24
        }
        remote {
            prefix 10.250.0.0/24
        }
    }
Also, I have modified the security and routing on the Juniper to allow this traffic.
The strange thing is, this seems to work, but only for one tunnel at a time. Both tunnels show as up and connected; however, I can only ever receive responses from the 10.250.0.0 subnet on either the 10.150.0.0 or the 192.168.47.0 subnet, not both at the same time.
Not quite sure where I am going wrong here!