Route problem

I have a problem with vpnd, or rather, it's a routing problem.
Vpnd initially uses tcp to connect, then sets up a slip link for encrypted
traffic.

   200.300.400.501
   nat -> 10.0.0.2
   +-- cisco -- firewall-vpn-gw --- clientnets: 10.{10. 11. 12. 13.}
   |  10.0.0.1  10.0.0.2
   |
   +---------- clientnet-vpn-gw ----- testclient
            20.30.40.51  10.15.0.1    10.15.0.5

Using option 'defaultroute' in vpnd.conf means that vpnd uses the system
default route for the slip interface, which means that I can trace the
slip interfaces from each vpnd-gateway to the other, but not to the
local networks behind.
I've read the vpnd docs/examples, but no matter how I try specifying
routes in vpnd.conf, I end up having a sl0 route to the default gateway,
possibly in combination with other routes which may look like they alone
would work.
Only, the mentioned route to default gateway is always present..

Given the following route -n listings, I need to add routes to those
nets, but I can't seem to make it work (lack of routing experience..).
Clearly, traffic going to either of the slip interfaces will end up
going via the default route, and, in this case, ends up on the internet.


Firewall-vpn-gw 'route -n':
Destination    Gateway     Genmask         Flags Metric Ref Use Iface
10.2.0.1       0.0.0.0     255.255.255.255 UH    0      0     0 eth2
10.10.0.1      0.0.0.0     255.255.255.255 UH    0      0     0 eth4
10.3.0.1       0.0.0.0     255.255.255.255 UH    0      0     0 eth3
10.11.0.1      0.0.0.0     255.255.255.255 UH    0      0     0 eth5
10.1.0.1       0.0.0.0     255.255.255.255 UH    0      0     0 eth1
10.0.0.2       0.0.0.0     255.255.255.255 UH    0      0     0 eth0
10.30.0.1      0.0.0.0     255.255.255.255 UH    0      0     0 sl0
10.12.0.1      0.0.0.0     255.255.255.255 UH    0      0     0 eth6
10.13.0.1      0.0.0.0     255.255.255.255 UH    0      0     0 eth7
10.2.0.0       0.0.0.0     255.255.0.0     U     0      0     0 eth2
10.3.0.0       0.0.0.0     255.255.0.0     U     0      0     0 eth3
10.0.0.0       0.0.0.0     255.255.0.0     U     0      0     0 eth0
10.1.0.0       0.0.0.0     255.255.0.0     U     0      0     0 eth1
10.10.0.0      0.0.0.0     255.255.0.0     U     0      0     0 eth4
10.11.0.0      0.0.0.0     255.255.0.0     U     0      0     0 eth5
10.12.0.0      0.0.0.0     255.255.0.0     U     0      0     0 eth6
10.13.0.0      0.0.0.0     255.255.0.0     U     0      0     0 eth7
127.0.0.0      0.0.0.0     255.0.0.0       U     0      0     0 lo
0.0.0.0        10.0.0.1    0.0.0.0         UG    0      0     0 eth0


Client-vpn-gw 'route -n':
Destination    Gateway     Genmask         Flags Metric Ref Use Iface   
20.30.40.51    0.0.0.0     255.255.255.255 UH    0      0     0 eth0    
10.0.0.2       0.0.0.0     255.255.255.255 UH    0      0     0 sl0     
10.30.0.1      0.0.0.0     255.255.255.255 UH    0      0     0 eth1    
20.30.40.50    0.0.0.0     255.255.255.240 U     0      0     0 eth0    
10.15.0.0      0.0.0.0     255.255.0.0     U     0      0     0 eth1    
127.0.0.0      0.0.0.0     255.0.0.0       U     0      0     0 lo      
0.0.0.0        20.30.40.51 0.0.0.0         UG    0      0     0 eth0    

-- 
Regards,
           Mr Dev - Mogens Valentin
    http://www.mrdev.com - mrdev@danbbs.dk
OpenSource Security - Networking - Programming

Looking for a 2-3 room apartment, preferably from 1 March
Some renovation work can be offered
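
An added example, not part of the original post: a longest-prefix-match lookup over the posted `route -n` rows, showing which destinations resolve to the sl0 tunnel and which fall through to the default route and leave unencrypted. The `leaks` helper and the probe addresses (10.15.0.5, the testclient; 10.10.0.1, an address in the 10.10. client net) are assumptions chosen for illustration.

```python
import ipaddress

# Rows copied from the 'route -n' listings in the post (firewall table abridged:
# the eth1-eth3 and eth5-eth7 rows are omitted, none of them covers 10.15/16).
FIREWALL_GW = """\
10.0.0.2       0.0.0.0     255.255.255.255 UH    0      0     0 eth0
10.30.0.1      0.0.0.0     255.255.255.255 UH    0      0     0 sl0
10.0.0.0       0.0.0.0     255.255.0.0     U     0      0     0 eth0
10.10.0.0      0.0.0.0     255.255.0.0     U     0      0     0 eth4
0.0.0.0        10.0.0.1    0.0.0.0         UG    0      0     0 eth0
"""
CLIENT_GW = """\
20.30.40.51    0.0.0.0     255.255.255.255 UH    0      0     0 eth0
10.0.0.2       0.0.0.0     255.255.255.255 UH    0      0     0 sl0
10.30.0.1      0.0.0.0     255.255.255.255 UH    0      0     0 eth1
20.30.40.50    0.0.0.0     255.255.255.240 U     0      0     0 eth0
10.15.0.0      0.0.0.0     255.255.0.0     U     0      0     0 eth1
127.0.0.0      0.0.0.0     255.0.0.0       U     0      0     0 lo
0.0.0.0        20.30.40.51 0.0.0.0         UG    0      0     0 eth0
"""

def parse_routes(text):
    """Parse 'route -n' rows into (network, gateway, iface) tuples."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8 or f[0] == "Destination":
            continue
        # strict=False: 20.30.40.50/255.255.255.240 has host bits set
        net = ipaddress.ip_network(f"{f[0]}/{f[2]}", strict=False)
        routes.append((net, f[1], f[7]))
    return routes

def lookup(routes, dst):
    """Longest-prefix match, as the kernel does; returns (net, gw, iface)."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r[0]]
    return max(matches, key=lambda r: r[0].prefixlen) if matches else None

def leaks(routes, dst, tunnel="sl0"):
    """True when dst would leave on a non-tunnel interface via the default route."""
    hit = lookup(routes, dst)
    return hit is not None and hit[0].prefixlen == 0 and hit[2] != tunnel

if __name__ == "__main__":
    for name, table, dst in [("firewall-vpn-gw", FIREWALL_GW, "10.15.0.5"),
                             ("client-vpn-gw", CLIENT_GW, "10.10.0.1")]:
        print(name, dst, lookup(parse_routes(table), dst), leaks(parse_routes(table), dst))
```

Only the /32 host routes for the peer slip endpoints point at sl0 in either table, so the networks behind each gateway match nothing more specific than 0.0.0.0/0.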