Subnet A <-> GATEWAY A ------- VPN with FREE/SWAN --------- GATEWAY B <-> Subnet B <-> GATEWAY B1 (physically on Subnet B) <-> Subnet C
The question is: HOW DO I MAKE SUBNET C REACHABLE FROM SUBNET A?
I created a new connection in ipsec.conf specifying as leftsubnet just the Subnet C. This way I can ping Subnet C from GATEWAY B but not from Subnet A. It seems to me that packets are not routed correctly if they come from Subnet A! I already added a route to Subnet C on the GATEWAY B but it seems to work only for packets from the Gateway and not for the forwarded packets from Subnet A.
You'll need a new ipsec.conf connection at GATEWAY A and GATEWAY B for Subnet A <-> Subnet C (which I think you did).
Then you need a route ON GATEWAY B TO Subnet C via GATEWAY B1 (which I think you did), ** AND the opposite route back ON GATEWAY B1 TO Subnet A via GATEWAY B **
If that doesn't work, you may need to ask the FreeS/WAN guys since it might be an erouting problem on GATEWAY B.
That is assuming there is no NAT or Masquerading occurring anywhere.
Regards,
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Damion de Soto - Software Engineer  email: damion@xxxxxxxxxxxx
SnapGear - A CyberGuard Company ---    ph: +61 7 3435 2809
 | Custom Embedded Solutions          fax: +61 7 3891 3630
 | and Security Appliances            web: http://www.snapgear.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
--- Free Embedded Linux Distro at http://www.snapgear.org ---
_______________________________________________
LARTC mailing list / LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/mailman/listinfo/lartc
HOWTO: http://lartc.org/
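
The symptom and the fix discussed above, as an added example that is not part of the original thread: a small path tracer showing why a ping from GATEWAY B succeeds while one from Subnet A fails until GATEWAY B1 has a route back to Subnet A via GATEWAY B. Assumptions: the 10.0.x.0/24 prefixes and router names are constructed, each IPsec tunnel is modelled as a plain next hop, and GATEWAY B1 has no default route.

```python
import ipaddress

# Constructed addressing; the thread gives no real prefixes.
A_HOST, B_GW, C_HOST = "10.0.1.10", "10.0.2.1", "10.0.3.10"

def build_tables(return_route_on_b1):
    """Per-router tables as (prefix, next hop); 'direct' means on-link."""
    tables = {
        # GATEWAY A: tunnel connections to Subnet B and (new) Subnet C.
        "gwA": [("10.0.1.0/24", "direct"), ("10.0.2.0/24", "gwB"),
                ("10.0.3.0/24", "gwB")],
        # GATEWAY B: tunnel back to Subnet A, plus the route to C via B1.
        "gwB": [("10.0.2.0/24", "direct"), ("10.0.1.0/24", "gwA"),
                ("10.0.3.0/24", "gwB1")],
        # GATEWAY B1: only its two connected subnets (assumed: no default).
        "gwB1": [("10.0.2.0/24", "direct"), ("10.0.3.0/24", "direct")],
    }
    if return_route_on_b1:
        tables["gwB1"].append(("10.0.1.0/24", "gwB"))  # the reverse route
    return tables

def lookup(table, dst):
    """Longest-prefix match; returns the next hop or None if no route."""
    addr = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), hop) for p, hop in table
            if addr in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def trace(tables, router, dst, max_hops=8):
    """Follow next hops from `router` until delivery, drop, or loop."""
    path = [router]
    for _ in range(max_hops):
        hop = lookup(tables[path[-1]], dst)
        if hop is None:
            return path, "no route"
        if hop == "direct":
            return path, "delivered"
        path.append(hop)
    return path, "loop"

def ping(tables, first_router, src, last_router, dst):
    """Echo request leaves via first_router; the reply starts at last_router."""
    return trace(tables, first_router, dst)[1], trace(tables, last_router, src)[1]

if __name__ == "__main__":
    for fixed in (False, True):
        t = build_tables(fixed)
        print("reverse route on B1:", fixed)
        print("  Subnet A -> Subnet C :", ping(t, "gwA", A_HOST, "gwB1", C_HOST))
        print("  GATEWAY B -> Subnet C:", ping(t, "gwB", B_GW, "gwB1", C_HOST))
```

Each result is a (request, reply) pair, so a "delivered" request with a "no route" reply is the one-way reachability described in the question.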