Hello,
"Vetter, Stephan" wrote:
>
> scenario:
> LAN1---VPNbox1---Internet---VPNbox2---LAN2---Router1---LAN3
>
> How can I manage to contact LAN1 with LAN3?
> The VPN between LAN1 and LAN2 is running and it works.

I was confronted with such a problem some time ago. While I have
solved it, my solution probably won't work for most people. Short
explanation of the scenario they had created for me:
LAN1---VPNbox1---Internet---VPNbox2---LAN2---Router1---LAN3
|
PUBnet1
LAN1 = private IP subnet (10.42.88.0/22) for remote office.
VPNbox1 = Linux 2.4.10 patched, FreeS/WAN 1.91
VPNbox2 = idem
LAN2 = private IP subnet (10.38.8.0/22) for central office.
LAN3 = public IP subnet
PUBnet1 = public IP subnet for remote administration.
Both VPNbox1 and VPNbox2 are remotely administered from a public IP
network PUBnet1.
I added some static routing rules on regular interfaces (e.g. eth0) :
- on VPNbox1 to PUBnet1
- on VPNbox2 to LAN3
The rest is in the config below. Notice that LAN1 is left and LAN2 is
right.
conn tripo-tripo
        leftid=4.5.6.193
        left=4.5.6.193
        leftnexthop=4.5.6.1
        leftsubnet=10.42.88.0/22
        rightid=1.2.3.62
        right=1.2.3.62
        rightnexthop=1.2.3.33
        rightsubnet=0.0.0.0/0
The (simple) trick is that all traffic from LAN1 is routed because of
the rightsubnet via the tunnel, except the traffic to the remote admin
subnet because of the static route.
Regards,
Fred
--
Fred Mobach - fred_at_mobach.nl - postmaster_at_mobach.nl
Systemhouse Mobach bv - The Netherlands - since 1976
website : http://fred.mobach.nl
Safe Harbour for encumbered Free and Open Source software and links:
http://apache.dataloss.nl/~fred/
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
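
Added example, not part of the original message and not FreeS/WAN code: a small model of the longest-prefix route choice on VPNbox1, showing which destinations enter the tunnel and which static routes carve cleartext exceptions out of rightsubnet=0.0.0.0/0. The PUBnet1 prefix (192.0.2.0/24), the interface names and the sample destinations are constructed assumptions; only leftsubnet and rightsubnet come from the conn above.

```python
import ipaddress
from collections import namedtuple

# kind is one of: "connected", "static", "tunnel"
Route = namedtuple("Route", "net dev kind")

# Simplified routing view of VPNbox1. leftsubnet/rightsubnet are taken from
# the conn in the message; PUBnet1's prefix and the device names are
# constructed placeholders (assumptions), since the message does not give them.
ROUTES_VPNBOX1 = [
    Route(ipaddress.ip_network("10.42.88.0/22"), "eth1", "connected"),  # LAN1
    Route(ipaddress.ip_network("192.0.2.0/24"), "eth0", "static"),      # PUBnet1 (assumed)
    Route(ipaddress.ip_network("0.0.0.0/0"), "ipsec0", "tunnel"),       # rightsubnet
]


def select_route(dst, routes=ROUTES_VPNBOX1):
    """Return the most specific route covering dst (longest-prefix match)."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r.net]
    return max(matches, key=lambda r: r.net.prefixlen) if matches else None


def tunnel_bypasses(routes=ROUTES_VPNBOX1):
    """List static routes that are more specific than a tunnel route.

    Traffic to these prefixes leaves on a regular interface, unencrypted,
    even though the tunnel's remote subnet nominally covers them.
    """
    tunnels = [r.net for r in routes if r.kind == "tunnel"]
    return [
        r for r in routes
        if r.kind == "static"
        and any(r.net.subnet_of(t) and r.net.prefixlen > t.prefixlen for t in tunnels)
    ]


if __name__ == "__main__":
    # Constructed sample destinations: a LAN2 host, a public host standing in
    # for LAN3, and a host in the assumed PUBnet1 range.
    for dst in ("10.38.8.10", "198.51.100.7", "192.0.2.5"):
        r = select_route(dst)
        print(f"{dst:15} -> {r.dev:7} ({r.kind}, {r.net})")
    for r in tunnel_bypasses():
        print(f"bypasses tunnel: {r.net} via {r.dev}")
```

Reviewing the output of tunnel_bypasses() against the intended exceptions is a quick way to confirm that only the administration subnet leaves outside the tunnel.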
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:17 CEST