Hi
From my point of view the problem is that you use the same network
range 192.168.0/24 in your home and office. Off the top of my head I'd
say that this should not work. The routing entries look a bit scary,
actually. If I had the same setup, I'd try one of the following:
- change the home network to something else than 192.168.0/24
- nat all traffic from the home network on the office gateway to its own
internal address
And I'd start out with the simplest of configurations and build from that:
Home gateway:
ike dynamic esp from HOME_NET to 192.168.0.0/24 peer OFFICE_EXTERNAL_IP
psk xxx
Office gateway:
ike passive esp from HOME_NET to 192.168.0.0/24 psk xxx
krgds /markus
Alexey Vatchenko wrote:
flow esp from 192.168.0.0/24 to 192.168.0.0/24 type bypass
Coming to the office this morning i found out that all office's outgoing
traffic goes through my home gateway. It looks like IPSec created
default route for hosts in local network.
