[Openswan Users] Clients in the right network are OK but packtes from rightserver misroute
Paul Wouters
paul at xelerance.com
Wed Feb 7 09:17:07 EST 2007
On Wed, 7 Feb 2007, Augusto Pizarro wrote:
> Server Left
> Server Left Network
> 10.210.21.0------10.210.21.1/192.168.200.100
> ---(internet)---200.178.78.1/10.20.10.60-----10.20.0.0
> eth1
> eth0 eth0 eth1
> RESUMING: The Right clients are OK bur the Right server itself DONT!!!
> Really stupid!!
Try using leftsourceip=
> In the IPTRAF I can see "ICMP dest unrch from 10.210.21.1 to
> 10.210.21.1 on lo" in the Right Server wen trying to ping the Left
> Server.
I am not sure how you can not reach 10.210.21.1 from 10.210.21.1. If
your logs show some error with the "ip route add" command, you might
need to explicitely set a leftnexthop= value.
> Maybe I have to create another tunnel just for the traffic from the
> server to the Left Network.
If you specify leftsourceip/rightsourceip, that is not needed. Else
you are correct, and would need to add a host-net, net-host, and host-host
tunnel.
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list