
Re: routing through FreeS/WAN - HELP!



I STILL NEED HELP.  In my frustration I stupidly thought that DNATing to the 192.168.1.254 router was sending the packets to 200.0.14.0/24.  Does anyone have any suggestions?

>On Fri, 2003-04-04 at 16:09, Dan Fleischer wrote:
****** I NEED TO GET TO THE 200.0.14.0/24 (private) NETWORK ACROSS MY
VPN******** 
 
I'm running FreeS/WAN AND iptables on RH7.3 with all ports on all IPs
available from each LAN across the VPN (ping, telnet, ssh, terminal
server, etc.).  I'm having problems getting one VPN gateway to ping or
ssh to the LAN IP of the other VPN gateway (or any other host on the
other LAN), which I normally would like, but I suspect that is leading
to the following problem 
 
Here's my layout: 

LEFT 
leftnexthop:63.252.12.1 
WAN:63.252.12.11 
LAN:192.168.1.1, net 192.168.1.0/24 
Internal router 192.168.1.254 is gw to 200.0.14.0/24, a private line to
our ASP by adding the following rule to iptables to use that default
route: 

/sbin/iptables -A FORWARD -i $IF_LAN -o $IF_LAN -d 192.168.1.254 \
               -j ACCEPT

Right 
rightnexthop:216.176.82.254 
WAN:216.176.82.64 
LAN:10.4.1.1, net 10.4.0.0/16 

****** I NEED TO GET TO THE 200.0.14.0/24 NETWORK ACROSS MY VPN******** 

How would I configure iptables or FreeS/WAN or both to allow for this?

I've tried to add the following routes individually to the right vpn
gateway, but was unsuccessful: 
/sbin/route add -net 200.0.14.0 netmask 255.255.255.0 gw 10.4.1.1 ipsec0
/sbin/route add -net 200.0.14.0 netmask 255.255.255.0 gw 192.168.1.254 ipsec0

How could I get this routed across my VPN? 


Dan Fleischer
Systems Administrator
Bank & Trust Co.
401 N. Madison St.
Litchfield, IL 62056

Ph. 217-324-3935
http://www.bank-and-trust.com

