Question :can not spoke traffic to spoke in site-to-site

General questions
1

Hi all,

I’m trying config site-to-site,but spoke traffic to spoke.

ex:A can ping to B,C.B,C can ping to A.but B cant ping to C.C cant ping to B.

763×640 41.3 KB

anyone can help me ?

Thanks!

2

Sorry but with those kind of information we cannot do anything.

Please provide more details about the setup (a schema would be very useful) and the routers configuration.

3

sorry,my English is not very well.please forgive me.Thank you!

Headquarters and branch through the ipsec connection, branch company of the router does not support the DMVPN just use the site - to - site connection.

Headquarters A configuration is as follows:

set interfaces ethernet eth0 address 27.XX.XX.XX/30
set system gateway‐address 27.XX.XX.1
set interfaces ethernet eth1 address 172.20.0.1/24

set vpn ipsec ipsec‐interfaces interface eth1
set vpn ipsec ike-group IKE-1
set vpn ipsec ike-group IKE-1 lifetime 28800
set vpn ipsec ike-group IKE-1 proposal 1 dh-group 2
set vpn ipsec ike-group IKE-1 proposal 1 encryption 3des
set vpn ipsec ike-group IKE-1 proposal 1 hash md5
set vpn ipsec esp-group ESP-1 lifetime 3600
set vpn ipsec esp-group ESP-1 mode tunnel
set vpn ipsec esp-group ESP-1 pfs enable
set vpn ipsec esp-group ESP-1 proposal 1 encryption 3des
set vpn ipsec esp-group ESP-1 proposal 1 hash sha1

set vpn ipsec site-to-site peer 0.0.0.0 authentication mode pre-shared-secret
edit vpn ipsec site-to-site peer 0.0.0.0
set authentication pre-shared-secret tset12345
set default-esp-group ESP-1
set ike-group IKE-1
set local-address 27.XX.XX.1
set tunnel 1 local prefix 172.20.0.1/24
set tunnel 1 remote prefix 172.30.1.1/24
set tunnel 2 local prefix 172.20.0.1/24
set tunnel 2 remote prefix 192.168.18.1/24
set tunnel 3 local prefix 172.20.0.1/24
set tunnel 3 remote prefix 192.168.19.1/24
set tunnel 4 local prefix 172.20.0.1/24
set tunnel 4 remote prefix 192.168.20.1/24
set tunnel 5 local prefix 172.20.0.1/24
set tunnel 5 remote prefix 192.168.20.1/24

All the above configuration tunnel can access 172.20.0.1/24
But can’t visit each other between tunnel.

How to configure after.
Thank you very much for your help.

Thanks.