[Openswan Users] routing to subnet behind openswan gw
Freight Car
freightcar at gmail.com
Thu May 4 13:26:59 CEST 2006
when I ping the internal interface of the vpn gateway 172.16.8.1 i get
response from default gateway "host unrechable". there is no route to that
network on any of the hosts. why the packets destined to that
172.16.8.0network are sent to default gateway? they should be sent to
the tunnel (in
this case vpn gateway adderess which is 10.1.1.100) is this correct? you
were right the IP forwarding on the gateway was disabled, but i need that to
reach any hosts on that network but i should be able to reach the internal
interface even when the IP forwarding is disabled, at least i could from the
default gateway.
On 5/4/06, Paul Wouters <paul at xelerance.com> wrote:
>
> On Thu, 4 May 2006, Freight Car wrote:
>
> > I am trying to setup openswan gateway, so users can connect to it and
> access
> > NAT network behind this gateway. I got lsipsectool now, it says the
> tunnel
> > is active but i can not ping the internal interface of the gateway (I
> shoud
> > be able to, right?).
>
> Yes you should. Run ipsec verify. You are either not forwarding, dropping
> packets in the firewall, or accidentally NATting ipsec packets.
>
> Paul
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20060504/273b7d7e/attachment.htm
More information about the Users
mailing list