Can multiple S2S VPNs between the same two sites coexist on the router?
Is it feasible to have both IPSEC and Wireguard connections between two office networks? I'm trying to route some internet traffic and not having a good time with the IPSEC Policy method of routing. Wireguard seems to be a bit simpler in terms of routing.
Re: Can multiple S2S VPNs between the same two sites coexist on the router?
It is possible to have several routes between two networks, but why do you need it?
If you already set up Wiregard, why do you need another VPN?
IPSec policy could be pretty complex sometimes, but you could use GRE+IPSec which is pretty simple to configure. It uses IKEv1 (AFAIK) but still works perfectly
https://help.mikrotik.com/docs/display/ROS/GRE
This is probably the most simple way to create VPN between two Mikrotiks with public addresses.
If you already set up Wiregard, why do you need another VPN?
IPSec policy could be pretty complex sometimes, but you could use GRE+IPSec which is pretty simple to configure. It uses IKEv1 (AFAIK) but still works perfectly
https://help.mikrotik.com/docs/display/ROS/GRE
This is probably the most simple way to create VPN between two Mikrotiks with public addresses.
Re: Can multiple S2S VPNs between the same two sites coexist on the router?
The environment i've inherited already has an IPSEC policy tunnel established, but we need to route github.com traffic through it, and I'm not grasping very well how to make that work in a simple manner. Wireguard appears to have simpler routing rules, so my thought was to set up a wireguard tunnel alongside the IPSEC and only use it for routing github traffic through.It is possible to have several routes between two networks, but why do you need it?
If you already set up Wiregard, why do you need another VPN?
IPSec policy could be pretty complex sometimes, but you could use GRE+IPSec which is pretty simple to configure. It uses IKEv1 (AFAIK) but still works perfectly
Re: Can multiple S2S VPNs between the same two sites coexist on the router?
When you want to route arbitrary traffic over a tunnel, it is easiest when it is a GRE/IPsec (or IPIP/IPsec) tunnel as described above.
When you already have a plain IPsec tunnel it is possible to convert it but you need admin access to both sides.
When you already have a plain IPsec tunnel it is possible to convert it but you need admin access to both sides.
Re: Can multiple S2S VPNs between the same two sites coexist on the router?
I do have full access to both ends of the tunnel, but one is Mikrotik and one is a TPLink router, so while they both may support GRE/IPsec, i'm not certain of that yet.When you want to route arbitrary traffic over a tunnel, it is easiest when it is a GRE/IPsec (or IPIP/IPsec) tunnel as described above.
When you already have a plain IPsec tunnel it is possible to convert it but you need admin access to both sides.
I'll do some digging to familiarize myself with the differences.