small info to add:
I am using a 2.4 kernel (RH-9) and the packets currently are going
through IPSec, then getting routed through eth0 directly (but I want
them to go through tunl0)
Prasad
Prasad wrote:
Hello Gurus,
I have a small problem with routing, and here are the details.
Interfaces on my server:
* ipsec0 - 172.19.58.94
* tunl0 - 172.19.58.94
* eth0 - 172.19.58.94
Now, the problem is that there is another host 172.19.58.200. All
communication to 172.19.58.200 should be through tunl0, and all the
data should be secured using IPSec (tunnel mode - because there are
more machines on my network and 172.19.58.94 is the gateway through
which they access 172.19.58.200). How can this be achieved???
Here is what I did:
1. Default route for 172.19.58.200 is ipsec0
    route add -host 172.19.58.200 dev ipsec0
2. Mark all packets after being routed through ipsec0
    iptables -t mangle -A POSTROUTING -o ipsec0 -j MARK --set-mark 1
3. Create a routing rule and add the new rule
    ip rule add fwmark 1 table tunnel
4. Create routing entries for table 'tunnel'
    ip route add 172.19.58.200 dev tunl0 table tunnel
Well, all this assumes that once the packet enters the ipsec tunnel,
after encapsulation the packets are routed afresh based on the routing
tables. Could the gurus help me fix this!!!
Thanks,
Prasad
_______________________________________________
LARTC mailing list
LARTC@xxxxxxxxxxxxxxx
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
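
A state check for steps 1-4 above, added here as an example and not part of the original post: it confirms that the rule, the 'tunnel' table and both host routes are in place as described. The function names are hypothetical, and it assumes 'tunnel' is registered in /etc/iproute2/rt_tables. It only verifies configuration, not whether the IPsec stack re-routes encapsulated packets.

```shell
#!/bin/sh
# Added example: verifies the policy-routing state from steps 1-4.
# Every parser reads command output on stdin, so it works on captured
# text as well as on a live box (run with the argument "live").

# stdin: /etc/iproute2/rt_tables; $1 = table name
table_registered() {
    awk -v t="$1" '$1 !~ /^#/ && $2 == t { found = 1 } END { exit !found }'
}

# stdin: `ip rule show`; $1 = mark (decimal), $2 = table name
rule_present() {
    hex=$(printf '0x%x' "$1")      # newer iproute2 prints the mark in hex
    awk -v m="$1" -v h="$hex" -v t="$2" '
        { mark = ""; tbl = ""
          for (i = 1; i < NF; i++) {
              if ($i == "fwmark") { mark = $(i + 1); sub(/\/.*/, "", mark) }
              if ($i == "lookup") tbl = $(i + 1)
          }
          if ((mark == m || mark == h) && tbl == t) found = 1 }
        END { exit !found }'
}

# stdin: `ip route show [table X]`; $1 = destination; prints its device
route_device() {
    awk -v d="$1" '$1 == d { for (i = 2; i < NF; i++)
                                 if ($i == "dev") { print $(i + 1); exit } }'
}

# $1 = rt_tables text, $2 = rule list, $3 = table tunnel, $4 = main table
check_setup() {
    rc=0
    printf '%s\n' "$1" | table_registered tunnel ||
        { echo "table 'tunnel' is not named in rt_tables"; rc=1; }
    printf '%s\n' "$2" | rule_present 1 tunnel ||
        { echo "no rule sends fwmark 1 to table tunnel"; rc=1; }
    [ "$(printf '%s\n' "$3" | route_device 172.19.58.200)" = tunl0 ] ||
        { echo "table tunnel has no 172.19.58.200 route via tunl0"; rc=1; }
    [ "$(printf '%s\n' "$4" | route_device 172.19.58.200)" = ipsec0 ] ||
        { echo "main table has no 172.19.58.200 route via ipsec0"; rc=1; }
    return $rc
}

if [ "${1:-}" = live ]; then
    check_setup "$(cat /etc/iproute2/rt_tables)" "$(ip rule show)" \
        "$(ip route show table tunnel 2>/dev/null)" "$(ip route show)"
fi
```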