Hi,
I had a VPN up between 2 sites all working fine, I now need for another subnet on each of my SRX's to communicate via the VPN. I have adde traffic selectors for all options but when I apply, only the original networks communicate.
Site A 192.168.30.0/24 192.168.13.0/24
Site B 192.168.20.0/24 192.168.12.0/24
As example 192.168.30.10 can communicate with 192.168.20.10 without issue.
But 192.168.30.10 fails to communicate with 192.168.12.10.
Any combination site to site involving 192.168.13.0/24 & 192.168.12.0/24 do not work.
Below is example of config from one of the sites, the other side is identical but reserving of IP's.
vpn site-to-site{
bind-interface st0.1;
ike {
gateway site_to_site;
ipsec-policy site_to_site;
}
traffic-selector t1 {
local-ip 192.168.30.0/24;
remote-ip 192.168.20.0/24;
}
traffic-selector t2 {
local-ip 192.168.30.0/24;
remote-ip 192.168.12.0/24;
}
traffic-selector t3 {
local-ip 192.168.13.0/24;
remote-ip 192.168.20.0/24;
}
traffic-selector t4 {
local-ip 192.168.13.0/24;
remote-ip 192.168.12.0/24;
}
}
#vpn#trafficselector