01-26-2016 10:31 PM
Good day, we have 3x Vyatta firewalls on different sites with IPsec VPN running.
On our main site we have 2x subnets.
192.168.0.x/24 for data with the interface being 192.168.0.2
192.168.1.x/24 for voice with the interface being 192.168.1.2
From the voice subnet we can ping the voice interface, data interface and everything inside the data network.
From the data subnet we can ping everything in the data network, the data interface AND the voice interface but nothing within the voice subnet.
We can ping inside the voice subnet from the firewall but not from the data network.
If I do a tracert, it gets to the voice subnet interface and then routes out the default route instead of the voice subnet itself.
We have various NATs set up and NAT excluded for our IPsec VPN tunnel. There are no applicable firewall rules at the moment.