I hope this is a simple question, folks. I've googled around and cannot seem to find an answer, or at least an answer I can understand.
I have a test network and a production network which are at different sites connected by strongSwan. The test network is 172.16.0.0/16 and the production network is 10.172.0.0/16 (routers are at 172.16.254.254 and 10.172.254.254 respectively). I want to be able to connect to my test network from home and also have access to the production network through the test network connection. My home network is 192.168.1.x/24 (router at 192.168.1.254).

I have configured strongSwan at home and on the test network and can manually establish a connection successfully. From home, I can talk to devices on the test network. I can't figure out what the correct ip route command is to send traffic for 10.172 through 172.16. For example, if I try on my home router:

    ip route add 10.172.0.0/16 via 172.16.254.254

I get an "error: nexthop has invalid gateway" (I can ping 172.16.254.254 from my home router, so it is reachable).

I cannot connect from home directly to production, as that appliance's licensing limits the number of IPsec connections it can have. I'm running CentOS 7 with the latest version of strongSwan through the CentOS 7 repos. Any help would be appreciated.
