[Users] IPSEC routing trouble

• Next message: Sam Sgro: "Re: [Users] MS L2TP/IPSec VPN client configuration issue?"
• Previous message: Stephen J Bevan: "AW: [Users] fragmentation"
• In reply to: Stephen J Bevan: "[Users] IPSEC routing trouble"
• Next in thread: Micah Silverman: "Re: [Users] IPSEC routing trouble"
• Reply: Micah Silverman: "Re: [Users] IPSEC routing trouble"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Stephen J Bevan writes:
> Which box are you pinging from? You show an example from
> virtLinuxIPSEC -> virtLinux but in your diagram you don't list any
> ipsecX interface for virtLinuxIPSEC. You do list one on virtLinux but
> from the diagram it looks like you have it attached to the wrong
> interface ("looks like" because Eudora, your mail client, wrapped some
> lines your diagram and I'm not certain I unwrapped them correctly).
> You should have ipsec0 attached to eth1 since that is the external
> interface for virtLinux.

Micah sent me an unmangled version of the diagram and from that it is
clear that ipsec0=eth1 is not the solution. It appears that the
problem is 10.0.0.1 is not listed as protecting 192.168.1.0/24 and so
while 10.0.0.2->10.0.0.2 is protected, 10.0.0.2->192.168.1.0/24 goes
out in the clear. I suggested making at least 192.168.1.0/24 a
protected subnet.
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

• Next message: Sam Sgro: "Re: [Users] MS L2TP/IPSec VPN client configuration issue?"
• Previous message: Stephen J Bevan: "AW: [Users] fragmentation"
• In reply to: Stephen J Bevan: "[Users] IPSEC routing trouble"
• Next in thread: Micah Silverman: "Re: [Users] IPSEC routing trouble"
• Reply: Micah Silverman: "Re: [Users] IPSEC routing trouble"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:23 CEST