Site 2 Site tunnel with multiple identical subnets on remote sites - without virtual hosts (Route Based VPN)
The goal: connect to multiple identical subnets on the client side using VPNs.

Topology:

As you can see, on the left side are clients with different subnets, 10.213.222.0/24 and 10.213.223.0/24, but on the right side all of them have the same subnet, 10.240.0.0/24.

To make this work we need to route traffic into a specific VPN based on the source IP. So if the source subnet is 10.213.222.0/24, route it into VPN1, and if the source subnet is 10.213.223.0/24, route it into VPN2.

Address scheme:

- VPN HUB
  external eth192 WAN: 172.16.160.254
  internal eth224 LAN1: 10.213.222.1/24
  internal eth256 LAN2: 10.213.223.1/24
- ClientA
  external eth192 WAN: 172.16.160.1
  internal eth224 LAN: 10.240.0.1/24
- ClientB
  external eth192 WAN: 172.16.160.2
  internal eth224 LAN: 10.240.0.1/24

HUB ipsec.conf

    nano /etc/ipsec.conf

    # Defaults inherited by every conn section below
    conn %default
        ikelifetime=28800s
        lifetime=3600s
        keyingtries=1
        keyexchange=ikev1

    # Tunnel to ClientA
    conn clientA
        authby=secret
        ike=3des-sha1