[Openswan Users] Can't reach hosts behind my VPN-Gateway

Paul Wouters paul at xelerance.com
Mon Apr 19 14:46:18 CEST 2004


On Mon, 19 Apr 2004, Sebastian Albrecht wrote:

> When pinging the other gateway's IP:
> ping 10.0.18.60
> tcpdump listening on eth1
> 10:57:31.631723 arp who-has 10.0.0.1 tell 192.168.0.3
> tcpdump listening on eth0
> <empty>

It seems that the gateway to reach 10.0.18.60 is 10.0.0.1 on your
network, and that the machine thinks it is LOCAL, thus it only
does an arp for it on the local ethernet.

First you need to fix your normal routing, then add the ipsec tunnels.
Do not add routes for things you will be tunneling later on.

Paul



More information about the Users mailing list