Route problem

I have a problem with vpnd, or rather, it's a routing problem.
Vpnd initially uses tcp to connect, then sets up a slip link for encrypted
traffic.

   200.300.400.501
   nat -> 10.0.0.2
   +-- cisco -- firewall-vpn-gw --- clientnets: 10.{10. 11. 12. 13.}
   |  10.0.0.1  10.0.0.2
   |
   +---------- clientnet-vpn-gw ----- testclient
            20.30.40.51  10.15.0.1    10.15.0.5

Using option 'defaultroute' in vpnd.conf means that vpnd uses the system
default route for the slip interface, which means that I can trace the
slip interfaces from each vpnd-gateway to the other, but not to the
local networks behind.
Given the following route -n listings, I need to add routes to those
nets, but I can't seem to make it work (lack of routing experience..).
Clearly, traffic going to either of the slip interfaces will end up
going via the default route, and, in this case, end up at the internet.


Firewall-vpn-gw 'route -n':
Destination    Gateway     Genmask         Flags Metric Ref Use Iface
10.2.0.1       0.0.0.0     255.255.255.255 UH    0      0     0 eth2
10.10.0.1      0.0.0.0     255.255.255.255 UH    0      0     0 eth4
10.3.0.1       0.0.0.0     255.255.255.255 UH    0      0     0 eth3
10.11.0.1      0.0.0.0     255.255.255.255 UH    0      0     0 eth5
10.1.0.1       0.0.0.0     255.255.255.255 UH    0      0     0 eth1
10.0.0.2       0.0.0.0     255.255.255.255 UH    0      0     0 eth0
10.30.0.1      0.0.0.0     255.255.255.255 UH    0      0     0 sl0
10.12.0.1      0.0.0.0     255.255.255.255 UH    0      0     0 eth6
10.13.0.1      0.0.0.0     255.255.255.255 UH    0      0     0 eth7
10.2.0.0       0.0.0.0     255.255.0.0     U     0      0     0 eth2
10.3.0.0       0.0.0.0     255.255.0.0     U     0      0     0 eth3
10.0.0.0       0.0.0.0     255.255.0.0     U     0      0     0 eth0
10.1.0.0       0.0.0.0     255.255.0.0     U     0      0     0 eth1
10.10.0.0      0.0.0.0     255.255.0.0     U     0      0     0 eth4
10.11.0.0      0.0.0.0     255.255.0.0     U     0      0     0 eth5
10.12.0.0      0.0.0.0     255.255.0.0     U     0      0     0 eth6
10.13.0.0      0.0.0.0     255.255.0.0     U     0      0     0 eth7
127.0.0.0      0.0.0.0     255.0.0.0       U     0      0     0 lo
0.0.0.0        10.0.0.1    0.0.0.0         UG    0      0     0 eth0


Client-vpn-gw 'route -n':
Destination    Gateway     Genmask         Flags Metric Ref Use Iface   
20.30.40.51    0.0.0.0     255.255.255.255 UH    0      0     0 eth0    
10.0.0.2       0.0.0.0     255.255.255.255 UH    0      0     0 sl0     
10.30.0.1      0.0.0.0     255.255.255.255 UH    0      0     0 eth1    
20.30.40.50    0.0.0.0     255.255.255.240 U     0      0     0 eth0    
10.15.0.0      0.0.0.0     255.255.0.0     U     0      0     0 eth1    
127.0.0.0      0.0.0.0     255.0.0.0       U     0      0     0 lo      
0.0.0.0        20.30.40.51 0.0.0.0         UG    0      0     0 eth0    

-- 
Regards,
           Mr Dev - Mogens Valentin
    http://www.mrdev.com - mrdev@danbbs.dk
OpenSource Security - Networking - Programming

Looking for a 2-3 room apartment, preferably from 1 March
Some renovation work can be offered
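
The route selection described in the message, as an added example that is not part of the original post: a longest-prefix-match lookup over rows copied from the two `route -n` listings, showing which destinations use `sl0` and which fall through to the default route. The function names `parse`, `lookup` and `leaves_tunnel` are this example's own, and `10.10.0.5` is a constructed host address inside one of the clientnets.

```python
import ipaddress

# Added example. Rows copied from the post's listings (Destination, Gateway,
# Genmask, Iface); the firewall's eth1-eth3 and eth5-eth7 rows are left out.
FIREWALL_GW = """\
10.10.0.1  0.0.0.0   255.255.255.255 eth4
10.0.0.2   0.0.0.0   255.255.255.255 eth0
10.30.0.1  0.0.0.0   255.255.255.255 sl0
10.0.0.0   0.0.0.0   255.255.0.0     eth0
10.10.0.0  0.0.0.0   255.255.0.0     eth4
0.0.0.0    10.0.0.1  0.0.0.0         eth0
"""
CLIENT_GW = """\
20.30.40.51 0.0.0.0     255.255.255.255 eth0
10.0.0.2    0.0.0.0     255.255.255.255 sl0
10.30.0.1   0.0.0.0     255.255.255.255 eth1
20.30.40.50 0.0.0.0     255.255.255.240 eth0
10.15.0.0   0.0.0.0     255.255.0.0     eth1
0.0.0.0     20.30.40.51 0.0.0.0         eth0
"""

def parse(table):
    routes = []
    for line in table.splitlines():
        dest, gw, mask, iface = line.split()
        # strict=False: 20.30.40.50/28 is listed with host bits set
        net = ipaddress.ip_network(f"{dest}/{mask}", strict=False)
        routes.append((net, gw, iface))
    return routes

def lookup(routes, addr):
    """Longest-prefix match: return the (network, gateway, iface) that wins."""
    ip = ipaddress.ip_address(addr)
    matches = [r for r in routes if ip in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen)

def leaves_tunnel(routes, addr):
    """True when traffic to addr is not sent out the slip interface sl0."""
    return lookup(routes, addr)[2] != "sl0"

if __name__ == "__main__":
    fw, cl = parse(FIREWALL_GW), parse(CLIENT_GW)
    # 10.10.0.5 is a constructed clientnet host; the other addresses are from the post
    for name, routes, dst in [("firewall-vpn-gw", fw, "10.30.0.1"),
                              ("firewall-vpn-gw", fw, "10.15.0.5"),
                              ("client-vpn-gw", cl, "10.0.0.2"),
                              ("client-vpn-gw", cl, "10.10.0.5")]:
        net, gw, iface = lookup(routes, dst)
        print(f"{name}: {dst} -> {net} via {gw} dev {iface}")
```

Only the host routes for the peer's slip address select `sl0`; the networks behind each gateway match nothing more specific than `0.0.0.0/0`, so that traffic is handed unencrypted to the default gateway on `eth0`.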