Client VPN cannot see the other end of S2S VPN

EdgarEstrada · ‎11-27-2022

Client VPN subnet = 10.0.1.0/24

Office (meraki) subnet = 10.0.0.0/24 (cisco Meraki MX67W)

S2S non-meraki peer VPN between 10.0.0.0/24 and 192.168.20.0/24 (remote) - both networks work fine. they see each other.

10.10.1.X CANNOT see 192.168.20.X

Any ideas why it is not working?

ww · ‎11-27-2022

Does the other side have a route back to 10.0.1.0/24

EdgarEstrada · ‎11-27-2022

the other side is a ClearOS computer inside an esxi.

I have no idea how to do that via iptables.

Do you think that should do the trick?

PhilipDAth · ‎11-27-2022

Have you included 10.0.1.0/24 in the VPN on your side? As the remote side included that in the VPN as well?

EdgarEstrada · ‎11-27-2022

My side is the Meraki's side -- I tried adding a static route but Meraki's msg says I cannot add a static route using IPs from the VPN Client.

The remote side is an esxi with a gw ClearOS computer.

PhilipDAth · ‎11-27-2022

You don't need to add a static route. Just make sure your client VPN subnet is marked to be included in the VPN.