 From:  "Neil Schneider" <pacneil at linuxgeek dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  routing problem.
 Date:  Mon, 22 Dec 2003 18:50:42 -0800 (PST)
Here's my current network configuration in a lousy ASCII drawing.

      WAN     LAN     LAN     WAN        WAN     LAN

          ____            ____  IPsec        ____
 DHCP     |  |            |  |  wireless     |  |
 internet-|  |------------|  |_______________|  |___
          |  |            |  |               |  |
          ----            ----               ----

           192.168.1.254      172.16.1.1   192.168.3.254
                 192.168.1.1      172.16.1.2

Internet connected server has a configuration like this.
Internet Gateway
WAN: DHCP
LAN: 192.168.1.254/24

$ netstat -rn
Routing tables
Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.0.1        UGSc        1     8287   sis0
127.0.0.1          127.0.0.1          UH          1       16    lo0
192.168.0          link#1             UC          1        0   sis0
192.168.0.59       127.0.0.1          UGHS        0        0    lo0
192.168.1          link#2             UC          3        0   sis1
192.168.3          192.168.1.1        UGSc        0       14   sis1

Wireless gateway:
Wan: 172.16.1.1 gw 192.168.1.254
Lan: 192.168.1.1
IPsec: LAN to 192.168.3.0/24 gw 172.16.1.2
$ netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.1.254      UGSc        1        1   sis0
127.0.0.1          127.0.0.1          UH          0        0    lo0
172.16.1/30        link#1             UC          1        0    wi0
192.168.1          link#2             UC          4        0   sis0
192.168.3          192.168.1.1        UGSc        0        0   sis0

Wireless node:
Wan 172.16.1.2/30 Gateway 192.168.3.254
LAN 192.168.3.254
IPsec:
LAN to 192.168.1.0/24 gw 172.16.1.1/30
$ netstat -rn
Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            192.168.3.254      UGSc        0        1   sis0
127.0.0.1          127.0.0.1          UH          0        0    lo0
172.16.1/30        link#1             UC          1        0    wi0
192.168.1          192.168.3.254      UGSc        1       11   sis0
192.168.3          link#2             UC          2        0   sis0

The IPsec tunnel works fine. I can ping from one machine on each end to
the other, through it. I can ping 192.168.1.254 from either end of the
tunnel. What I cannot seem to be able to do is route traffic from
192.168.1.1 to 192.168.1.254 in either direction. I'm not a BSD guy but
I've done networking with Linux for years. I have to admit this has me
baffled.

Am I missing something obvious? Does setting the default route on the WAN
interface to the network on the LAN for the wireless gateway somehow
confuse things? These are all Soekris boxes with m0n0wall, so I'm limited
with the diagnostics I can use.


-- 
Neil Schneider                              pacneil_at_linuxgeek_dot_net
                                           http://www.paccomp.com
Key fingerprint = 67F0 E493 FCC0 0A8C 769B  8209 32D7 1DB1 8460 C47D

Clothes make the man. Naked people have little or no influence on society.
-- Mark Twain