[Openswan Users] Routing troubles
Paul Wouters
paul at xelerance.com
Wed Jul 15 09:15:50 EDT 2009
On Wed, 15 Jul 2009, Dennis J. wrote:
> As far as I can see the tunnel gets established but my problem is that I
> can only ping the machines from the other subnet from the gateway. That is
> on the left gateway I can ping and ssh connect the machines from the right
> subnet and from the right gateway I can access the machines in the left
> subnet but the actual machines in the subnets cannot connect to each other.
>
> My config looks like this:
> conn vpn
>     authby=secret
>     left=<external-ip-left>
>     leftsubnet=192.168.1.0/24
>     leftsourceip=192.168.1.1
>     leftnexthop=%defaultroute
>     right=<external-ip-right>
>     rightsubnet=192.168.4.0/24
>     rightsourceip=192.168.4.1
>     rightnexthop=%defaultroute
>     auto=start
Looks ok.
> What is strange is that as soon as I start the tunnel openswan seems to add
> its own definition for 192.168.1.1 and 192.168.4.1 respectively.
> Right now the ip config on the left machine looks like:
That is because of the sourceip options. If you use 'ip ro list' you
should see a routing entry specifying a "src" argument.
> What do I have to change so that the machines from the two different
> subnets can reach each other?
I'd look at firewalling/NAT interfering.
Paul
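
One way to check the firewalling/NAT suggestion above on a gateway, as an added example that is not part of the original message or of Openswan: a heuristic scan of `iptables-save` output for POSTROUTING SNAT/MASQUERADE rules that would also rewrite packets headed for the remote subnet, so they no longer match the subnet-to-subnet tunnel. It assumes the gateways use iptables; the function name, the eth0 interface and both sample rule sets are constructed for illustration, and only the subnets come from the config in the thread.

```shell
#!/bin/sh
# Added example (not from the thread). Heuristic scan of `iptables-save`
# output for POSTROUTING NAT rules that would also rewrite tunnel traffic.

# Usage: iptables-save | find_nat_conflicts REMOTE_SUBNET
# Prints every SNAT/MASQUERADE rule that neither excludes REMOTE_SUBNET
# nor follows an earlier ACCEPT/RETURN exemption for it.
find_nat_conflicts() {
    awk -v remote="$1" '
        /^\*/ { in_nat = ($0 == "*nat") }       # which table are we in?
        !in_nat || $1 != "-A" || $2 != "POSTROUTING" { next }
        {
            # "! -d net" (current syntax) or "-d ! net" (older syntax)
            excludes  = index($0, "! -d " remote) > 0 || index($0, "-d ! " remote) > 0
            to_remote = !excludes && index($0, " -d " remote " ") > 0
            ipsec_pol = index($0, "--pol ipsec") > 0
            bypass    = ($0 ~ /-j (ACCEPT|RETURN)( |$)/)
            nat       = ($0 ~ /-j (MASQUERADE|SNAT)( |$)/)
        }
        bypass && (to_remote || ipsec_pol) { exempt = 1; next }
        nat && !exempt && !excludes { print }
    '
}

# Constructed sample: left gateway masquerading everything leaving eth0.
sample_masquerade_all() {
    cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE
COMMIT
EOF
}

# Constructed sample: same rule set with an exemption placed first.
sample_with_exemption() {
    cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -s 192.168.1.0/24 -d 192.168.4.0/24 -j ACCEPT
-A POSTROUTING -s 192.168.1.0/24 -o eth0 -j MASQUERADE
COMMIT
EOF
}

echo "conflicts without exemption:"; sample_masquerade_all | find_nat_conflicts 192.168.4.0/24
echo "conflicts with exemption:";    sample_with_exemption | find_nat_conflicts 192.168.4.0/24
```

On the right gateway the same check would be run with 192.168.1.0/24 as the remote subnet. An empty result only rules out this one pattern; filter-table FORWARD rules still need to be checked separately.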