Hi all,

I'm having a headache for now. Impossible to get my network map working... I can join networks with IPSEC but can't set the default route via the tunnel.

It was working great with a remote subnet of 128.0.0.0/1 on right m0n0 and local subnet 128.0.0.0/1 on left m0n0. But it's only working on high internet IP. Impossible to ping 64.x.x.x or 84.x.x.x.x.

I'm giving up for the moment. No more ideas?

Regards
Charles

John Tran wrote:
> Vincent Fleuranceau wrote:
>
>> -------- Original message --------
>>
>>> Hi all,
>>>
>>> I have a problem with the network map below:
>>> http://www.creape.unilim.fr/vpn.jpg
>>>
>>> I am using an IPSEC between LAN and LAN' because I'm using a WiFi
>>> outdoor link. No problem to ping hosts between LAN and LAN'.
>>>
>>> Impossible to ping from LAN' to DMZ or Internet. How can I define a
>>> "default ipsec route" for LAN' client?
>>
>> Hi,
>>
>> You may have to add specific rules to allow traffic from 192.168.2.0/24
>> to pass on the 192.168.1.254 interface and/or on the 172.20.4.254
>> interface...
>>
>> Many issues involve both routing and filtering.
>
> I think that (on Linux) you would add the following route to your LAN
>
> route add -net [remote net] netmask 255.255.255.0 gw [ipsec gateway ip] dev [interface]
>
> John
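
Added example, not part of the original thread: a small Python check of which destinations a set of IPsec remote-subnet selectors matches and which part of the IPv4 space is left outside the tunnel. The function names and the sample destination addresses are constructed for illustration; the selector 128.0.0.0/1 is the one quoted in the message.

```python
import ipaddress

def tunneled(dst, selectors):
    """True if dst falls inside any remote-subnet selector."""
    addr = ipaddress.ip_address(dst)
    return any(addr in ipaddress.ip_network(s) for s in selectors)

def uncovered(selectors, space="0.0.0.0/0"):
    """Return the CIDR blocks of `space` that no selector covers."""
    remaining = [ipaddress.ip_network(space)]
    for sel in map(ipaddress.ip_network, selectors):
        kept = []
        for block in remaining:
            if not block.overlaps(sel):
                kept.append(block)        # selector does not touch this block
            elif block.subnet_of(sel):
                continue                  # block is fully inside the selector
            else:
                # selector is strictly inside the block: keep the rest of it
                kept.extend(block.address_exclude(sel))
        remaining = kept
    return sorted(ipaddress.collapse_addresses(remaining))

def report(selectors, destinations):
    """Map each destination to 'tunnel' or 'no match' for the selectors."""
    return {d: ("tunnel" if tunneled(d, selectors) else "no match")
            for d in destinations}

if __name__ == "__main__":
    selectors = ["128.0.0.0/1"]                        # selector from the message
    sample = ["64.0.0.1", "84.0.0.1", "130.0.0.1"]     # constructed addresses
    for dst, verdict in report(selectors, sample).items():
        print(f"{dst:<12} {verdict}")
    print("not covered:", [str(n) for n in uncovered(selectors)])
```

With the single selector 128.0.0.0/1, only 128.0.0.0 through 255.255.255.255 matches, so the 64.x and 84.x samples fall in the uncovered block 0.0.0.0/1.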