[oclug] FreeS/WAN - make route to foreign subnet thru tunnel?
Charly Baker
cmb at fivefortyfour.com
Wed Apr 7 19:50:41 EDT 2004
The tunnel will only carry packets for destinations that are in the subnet it
was created to carry packets to. If you want to use the tunnel as a gateway
to other nets then you have to use subnet = 0.0.0.0/0, or create a second
tunnel for each additional subnet to which the tunnel is to carry packets.
Charly Baker
On Wednesday 07 April 2004 5:56 pm, Jon Earle wrote:
> Interesting config here. :)
>
> I want to make a route from a client through the tunnel, to a wholly
> separate subnet "out there". (Reason being, that subnet only accepts
> connections from the IP on the VPN gateway.)
>
> On the client, I tried
>
> route add -net <remote network>.0/24 gw <def gw> dev ipsec0
>
> which succeeded in getting packets into ipsec0 as evidenced by pinging a
> host on the remote network and watching via 'tcpdump -i ipsec0'.
> Strangely, 'tcpdump -i eth0' (the interface over which ipsec0 is running)
> on the client showed nothing during the ping test, neither did a 'tcpdump
> -i ipsec0' on the VPN gateway.
>
> I added iptables rules on the VPN gateway to allow traffic over ipsec0 for
> the specific hosts I wish to access on that subnet... I still see nothing.
>
> Any thoughts?
>
> Cheers!
> Jon
>
> --
> Jon Earle
> Software Developer / Network Manager
> Specializing in Open Source Software Solutions
> http://kronos.honk.org/~earlej/
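
The two options from the reply above, sketched as an ipsec.conf fragment. This is an added example, not part of the original thread or anyone's actual configuration; the conn names and all addresses are constructed placeholders, and the authentication settings are assumed to be the same as on the existing tunnel.

```conf
# /etc/ipsec.conf on the client (FreeS/WAN 2.x syntax).
# Added illustration only: conn names and addresses are constructed.
# Each conn must have a matching definition on the VPN gateway.
# Key/authentication parameters are omitted; reuse those of the
# tunnel that already works.

# Existing tunnel: carries only packets destined for rightsubnet.
conn client-to-lan
    left=192.0.2.10               # client's address (constructed)
    right=203.0.113.1             # VPN gateway's address (constructed)
    rightsubnet=10.1.0.0/24       # subnet behind the gateway (constructed)
    auto=start

# Option 1: a second tunnel for the additional subnet.
# Only traffic for this one foreign network is added to the tunnel.
conn client-to-foreign
    left=192.0.2.10
    right=203.0.113.1
    rightsubnet=198.51.100.0/24   # the separate subnet "out there" (constructed)
    auto=start

# Option 2: use the tunnel as a gateway to other nets.
# 0.0.0.0/0 matches every destination, so all of the client's traffic
# is carried to the gateway, not just traffic for the foreign subnet.
#conn client-to-anywhere
#    left=192.0.2.10
#    right=203.0.113.1
#    rightsubnet=0.0.0.0/0
#    auto=start
```

Option 1 keeps the set of destinations reachable through the gateway explicit, so the iptables rules on the gateway only need to cover the listed subnets.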