
[Users] Routing again - gateway-to-subnet communication?

From: Simon (simon_at_highlyillogical.org)
Date: Wed Apr 24 2002 - 14:53:39 CEST


I did some more research on the problem I posted the other day, and I was slightly incorrect about what was going on...

Brief recap:

I now have two subnets connected over an IPsec VPN connection. 192.168.1.0 and 192.168.2.0... Any host on 192.168.1.0 can ping any host on 192.168.2.0. Yay.

My problem now is this: The gateways for this connection (internal IPs 192.168.1.1 and 192.168.2.1) are general purpose servers, and also run things like samba and bind on their internal IP addresses. The services on these two machines ideally need to talk to each other. However, from the gateways themselves, I *can't* ping any machines on the subnet on the other side of the tunnel. A brief check with ethereal shows that the pings are originating from a.b.c.d where a.b.c.d is the external IP address of the gateway.

If I force the ping to come from the internal IP ('ping -I 192.168.1.1 192.168.2.1') everything is hunky dory. But by default, this doesn't happen. (Instead, the ipsec0 interface just starts racking up 'dropped' tx packets.)

Is there some routing or config kludge I can do, to make packets look like they are originating from the internal address, when trying to communicate with the other subnet, or do I have to build multiple tunnels... (Three?? subnet1-to-subnet2 gate1-to-subnet2 gate2-to-subnet1??)

Thanks,
Simon
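
Added example, not part of Simon's post: a simplified model of why the gateway's own pings fall outside a subnet-to-subnet tunnel, and how the extra gate1-to-subnet2 tunnel he proposes would cover them. It assumes 203.0.113.10 as a stand-in for the elided a.b.c.d, constructed LAN host addresses, and plain selector matching as an approximation of how the gateway picks a tunnel.

```python
"""Simplified model of tunnel selection on gateway 1 (added illustration)."""
from ipaddress import ip_address, ip_network

# Constructed placeholder: the post elides the external address as a.b.c.d.
GATE1_EXTERNAL = "203.0.113.10"

# Each tunnel is a (local selector, remote selector) pair, seen from gateway 1.
SUBNET_TO_SUBNET = {
    "subnet1-to-subnet2": ("192.168.1.0/24", "192.168.2.0/24"),
}
# The extra tunnel the post proposes for gateway 1's own traffic.
WITH_GATEWAY_TUNNEL = {
    **SUBNET_TO_SUBNET,
    "gate1-to-subnet2": (GATE1_EXTERNAL + "/32", "192.168.2.0/24"),
}


def matching_tunnel(tunnels, src, dst):
    """Return the most specific tunnel covering (src, dst), or None."""
    best = None
    for name, (local, remote) in tunnels.items():
        local_net, remote_net = ip_network(local), ip_network(remote)
        if ip_address(src) in local_net and ip_address(dst) in remote_net:
            score = local_net.prefixlen + remote_net.prefixlen
            if best is None or score > best[0]:
                best = (score, name)
    return best[1] if best else None


def report(tunnels, packets):
    """Map each labelled (src, dst) packet to a tunnel name or 'dropped'."""
    return {label: matching_tunnel(tunnels, src, dst) or "dropped"
            for label, (src, dst) in packets.items()}


# Constructed sample packets; the two LAN host addresses are made up.
PACKETS = {
    "LAN host to remote host": ("192.168.1.50", "192.168.2.20"),
    "gateway, default source": (GATE1_EXTERNAL, "192.168.2.1"),
    "gateway, ping -I 192.168.1.1": ("192.168.1.1", "192.168.2.1"),
}

if __name__ == "__main__":
    for title, tunnels in (("one tunnel", SUBNET_TO_SUBNET),
                           ("with gateway tunnel", WITH_GATEWAY_TUNNEL)):
        print(title)
        for label, verdict in report(tunnels, PACKETS).items():
            print(f"  {label:30} -> {verdict}")
```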




This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:53 CEST