[Openswan Users] pinging one way and not the other

Norman Rasmussen normanr at gmail.com
Fri Sep 16 13:16:14 CEST 2005


I think the route is correct, because ipsec will encapsulate then forward.

What are the traceroutes from both networks (trying to access the
other)?  And what does tcpdump say goes back and forth?

On 16/09/05, mlist <mlist at opendoor.fr> wrote:
> Norman Rasmussen a écrit :
> > On 15/09/05, mlist <mlist at opendoor.fr> wrote:
> >
> >>well gateway2 is already the default gateway for net2
> >
> > Then all should be well in network 2 land.
> >
> > If you apply all this logic to Network 1, what happens?
> >
> > i.e. is either:
> >
> > A. Gateway 1 the default Gateway for Network 1 or does
> > B. the default gateway for network 1 know that 192.168.10.0/24 is via Gateway 1.
> >
> 
> well well.
> gw1 has always been default gateway for net1 ...
> 
> again here is my route on gw 1:
> 
> 192.168.10.0    82.224.208.254  255.255.255.0  UG       eth1
> 82.224.208.0    0.0.0.0    255.255.255.0        U       eth1
> 10.0.0.0        0.0.0.0    255.0.0.0            U       eth0
> 
> i am not sure that line # 1 ( added when starting ipsec ) is correct,
> since 82.224.208.254 ( router on provider's side ) wont know nothing
> about 192.168.10.0.
> 
> trying a ip route add 192.168.10.0/24 via gw2's pubip gives me a
> "network unreachable" ).
> 
> but then i dont know what route i should put here.
> 
> and i am wondering if this is not more related to some kind of internal
> ipsec magic that route traffic between virtual ipsec0 interface.
> 
> i am kinda stuck...
> 
> any more pointers ?
> --
> thomas Constans
> 04 78 68 17 34
> www.opendoor.fr
> thomas.constans at opendoor.fr
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> 


-- 
- Norman Rasmussen
 - Email: norman at rasmussen.co.za
 - Home page: http://norman.rasmussen.co.za/


More information about the Users mailing list