PGPNet and Multiple Subnets Behind FreeS/Wan Box
Is it possible to have a road warrior, using the PGPNet client,
connect to multiple subnets behind a FreeS/Wan 1.96 box?
Logical Diagram
------------------------
Road warrior
PGPNet Client
DHCP dialup
|
Internet
|
Freeswan#1 box
untrust - 12.12.12.1
trust = 192.168.1.1
|
Office subnet1
192.168.1.0/24
|
Freeswan#1 box
untrust - 12.12.12.1
trust = 192.168.1.1
|
Internet
|
Freeswan#2 box
untrust - 12.12.12.2
trust = 192.1.1.1/24
|
Office subnet2
192.1.1.0/24
Right now my road warriors can connect to subnet1. But they cannot
connect to subnet2.
I have tried:
1. I added the network 192.1.1.0/24 to the PGPNet client configuration
and I added a connection description for the second subnet and I can
establish an ipsec connection, but when I try to traceroute or ping to
any hosts in the 192.1.1.0/24 net the connection times out.
2. I modified my connection description for the 192.168.100.0/24 on both
the client and server to treat both subnets as one by using the network
and mask 192.0.0.0/8. I could still get to the 192.168.100.0/24 network
but I was still not routing properly to the 192.1.1.0/24 network.
Is it possible to make this configuration work?
What is eroute?
What can my forwarding rules in ipchains do for me?
I know it would make sense just to add a road warrior config on the
second freeswan box and set up the PGPNet client to attach to it, but I
have specific reasons for wanting to route the traffic going to the
second subnet [10.1.1.0/24] through the first subnet [192.168.1.0/24].
Paul Coleman
415.218.1557
ComputerConsultants
A Redshift-Networks partner
http://www.redshift-networks.com/
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:09 CEST