[Openswan Users] Ping through ipsec/l2tp tunnel(e.g. web.de or ...)
foren titze
freeswan at gmx.net
Mon May 3 18:02:03 CEST 2004
Hello,
No, my routing looks OK. Which route must I set to get the "world" traffic
through the tunnel backwards?
My routing table when the connection is established:
80.226.237.35 via 62.96.xxx.129 dev ipsec0
62.96.xxx.130 via 192.168.121.1 dev eth1
192.168.121.251 dev ppp0 proto kernel scope link src 192.168.121.91
62.96.xxx.135 via 192.168.121.1 dev eth1
62.96.xxx.141 via 192.168.121.1 dev eth1
62.96.xxx.128/27 dev eth0 proto kernel scope link src 62.96.xxx.156
62.96.xxx.128/27 dev ipsec0 proto kernel scope link src 62.96.xxx.156
213.xxx.xxx.0/24 via 192.168.121.1 dev eth1
192.168.110.0/24 via 192.168.121.1 dev eth1
192.168.121.0/24 dev eth1 proto kernel scope link src 192.168.121.91
default via 62.96.xxx.129 dev eth0
It seems to be a routing problem, because the ping goes out (on the vpn-gate)
through eth0 (external interface) with the assigned internal IP from the l2tp daemon,
and comes back through the gateway (192.168.121.1) of the inner net.
BUT when I have established the tunnel and run
"route add default gw 192.168.121.1" (I now have two standard gateways, first
eth0 and second eth1),
then I can surf and ping the whole world of the Internet.
BUT when I try to make a second tunnel from another roadwarrior, the new ipsec
tunnel wouldn't be constructed.
When I delete the second default route, the second tunnel can be established!
My only wish is to use the tunnel from Windows and work on the machines in
my company AND surf and get mail without disconnecting.
Can you help me?
Thanks Zoni
On Monday, 3 May 2004 14:21, Jacco de Leeuw wrote:
> foren titze wrote:
> > I have successfully set up a Windows l2tp VPN tunnel with ipsec x509 and
> > can reach all machines in my subnet. But I get no reply from web.de in
> > the tunnel back.
> > So what's wrong?
>
> Possibly your routing, ip_forward or rp_filter...