On 01/07/2012 11:56 AM, Luc MAIGNAN wrote: > > Le 07/01/2012 18:53, Kevin Martin a écrit : >> >> On 01/07/2012 11:49 AM, Luc MAIGNAN wrote: >>> Le 07/01/2012 18:39, Kevin Martin a écrit : >>>> On 01/07/2012 11:30 AM, Luc MAIGNAN wrote: >>>>> Le 07/01/2012 18:21, Kevin Martin a écrit : >>>>>> On 01/07/2012 11:01 AM, Luc MAIGNAN wrote: >>>>>>> Yes, 50.184 is another box on the network on which the tunnel has been setup via racoon. >>>>>>> On 50.184 the access to 172.16.2.6 works fine. ANd I want to use 50.184 as a gateway for this host on the network. >>>>>>> >>>>>>> What email address have I to use to do not top post ? >>>>>>> >>>>>>> >>>>>>> >>>>>>> Le 07/01/2012 17:53, Kevin Martin a écrit : >>>>>>>> On 01/07/2012 10:46 AM, Luc MAIGNAN wrote: >>>>>>>>> 192.168.50.184 is a gateway on which a IPSEC tunnel allow to access to host 172.16.2.6 >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> Le 07/01/2012 17:45, Kevin Martin a écrit : >>>>>>>>>> On 01/07/2012 10:18 AM, Luc MAIGNAN wrote: >>>>>>>>>>> Hi, >>>>>>>>>>> >>>>>>>>>>> I have the following problem. >>>>>>>>>>> >>>>>>>>>>> Here is the output of : route -n : >>>>>>>>>>> >>>>>>>>>>> 0.0.0.0 192.168.50.2 0.0.0.0 UG 0 0 0 eth0 >>>>>>>>>>> 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0 >>>>>>>>>>> 172.16.2.6 192.168.50.184 255.255.255.255 UGH 0 0 0 eth0 >>>>>>>>>>> 192.168.50.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> When I try to ping 172.16.2.6, it doesn't work while the first available route is used (0.0.0.0 via 192.168.50.2) >>>>>>>>>>> >>>>>>>>>>> How can I modify the order of the route table to force use of the right route ? >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> Thanks for any help >>>>>>>>>> What is 192.168.50.184? From the routing table, its the same ethernet nic so it's no wonder the route to 172.16.2.6 is >>>>>>>>>> using the >>>>>>>>>> 0.0.0.0 (default) route (even though it looks like you've tried to force it to a different route). If you want to split the >>>>>>>>>> 192.168.50 network you'll need two nics, you'll need to set the netmask correctly to split it between them, then you will be >>>>>>>>>> able to >>>>>>>>>> set the 172.16.2.6 host to route a different way. >>>>>>>>>> >>>>>>>>>> Kevin >>>>>>>> So the 50.184 address is another box which you have an ipsec tunnel to from the machine that this network route is on? How >>>>>>>> are you >>>>>>>> creating the tunnel? >>>>>>>> >>>>>>>> And please don't top post, it makes it hard to consistently read the thread. >>>>>>>> >>>>>>>> Kevin >>>>>> Do you have ip forwarding turned on on the host that you are trying to route over the tunnel (the one with the 172.16.2.6 >>>>>> route)? >>>>>> And not top-posting (or bottom posting) is simply done by posting your replies at the bottom of the thread, not the top. That >>>>>> way >>>>>> people can read from top-to-bottom of a thread (like a book). Makes the threads much easier to follow then top posting (the >>>>>> Microsoft Outlook default). >>>>>> >>>>>> Kevin >>>>> Yes the ip forwarding is enabled. >>>>> With the route table I've described, I am directed on 50.2 and If I place on it the route to 172.16.2.6 via gw 50.184 it works. >>>>> But I consider that It is not necessary to pass via 50.2 >>>>> It is why I search a way to modify the routage table >>>> Can you show a "traceroute 172.16.2.6" when you've got the tunnel up? >>>> >>>> Kevin >>> traceroute to 172.16.2.6 (172.16.2.6), 30 hops max, 60 byte packets >>> 1 192.168.50.2 (192.168.50.2) 0.187 ms 0.166 ms 0.154 ms >>> 2 192.168.50.184 (192.168.50.184) 0.545 ms 0.600 ms 0.603 ms >>> 3 * * * >>> 4 172.16.2.6 (172.16.2.6) 5.958 ms 4.324 ms 4.390 ms >>> >>> It should use directly 50.184 and not first 50.2 >>> >>> Luc >> What type of device is 50.2? Is it a switch of some kind? >> >> Kevin > > It is a fedora box, that works as a firewall/router > > Luc How is the box you are working on (what's the 192.168.50 address of that box, by the way) connected to the Fedora FW/RTR machine? Is it a crossover cable, is it thru a hub of some kind, and the same question for the 192.168.50.184 machine? Kevin -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
