[Openswan Users] routing to subnet behind openswan gw

Freight Car freightcar at gmail.com
Thu May 4 13:26:59 CEST 2006

when I ping the internal interface of the vpn gateway i get
response from default gateway "host unrechable". there is no route to that
network on any of the hosts. why the packets destined to that are sent to default gateway? they should be sent to
the tunnel (in
this case vpn gateway adderess which is is this correct? you
were right the IP forwarding on the gateway was disabled, but i need that to
reach any hosts on that network but i should be able to reach the internal
interface even when the IP forwarding is disabled, at least i could from the
default gateway.

On 5/4/06, Paul Wouters <paul at xelerance.com> wrote:
> On Thu, 4 May 2006, Freight Car wrote:
> > I am trying to setup openswan gateway, so users can connect to it and
> access
> > NAT network behind this gateway. I got lsipsectool now, it says the
> tunnel
> > is active but i can not ping the internal interface of the gateway (I
> shoud
> > be able to, right?).
> Yes you should. Run ipsec verify. You are either not forwarding, dropping
> packets in the firewall, or accidentally NATting ipsec packets.
> Paul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20060504/273b7d7e/attachment.htm

More information about the Users mailing list