Kevin Gerbracht wrote:
>
> I have so following situation (Using FreeS/WAN 1.98b/X509_0.9.9.13)
>
> Client(RW) 192.168.0.1 / 24 (->Nat=70.0.0.3)
> |
> .
> .
> | 192.168.0.2 / 24
> VPN-Gate
> | 70.0.0.1 / 24
> |
> x <--
> | 70.0.0.2 / 24
> Router
> | 60.0.0.1 / 24
> |
> |
> |
> Target 60.0.0.2 / 24
> x=Network Sniffer
>
> I build the Tunnel between the CLient and the VPN-Gate.
>
> Then i do NAT on the Client (Postrouting/Prerouting) to get the
> Client-IP: 70.0.0.3
>
> The Tunnel is up and running. I can ping (from Client) the VPN-Gate-Sides
> (192. & 70.) and one Router-Side(70.0.0.2). I canīt ping the Target
> (60.0.0.2)
>
> The Router has been corectly configured.
> The Target can ping all the way to the 70.0.0.1-side on the vpn-gate
> The VPN Gate can ping all the way to the 60.0.0.2 Target
>
> If i "ping 60.0.0.2" (from the Client), i will not see any pakets on Point
> X, because the pakets donīt get into the Tunnel.
>
> What must i do to establish a Client-connection to and from the Target
> (60.0.0.2) ???
> There is no route for pakets from the Client to the 60.0.0.0/24 network
> but i canīt get one established. Can someone give me some tipps.
>
> <<snip>>
>
> conn
> ----
> left=192.168.0.2
> leftsubnet=70.0.0.0/255.255.255.0
Try here leftsubnet=0.0.0.0/0. That will route all of your packets
through the tunnel.
> right=192.168.0.1
> rightsubnet=70.0.0.3/32
Regards,
Fred
-- Fred Mobach - fred_at_mobach.nl - postmaster_at_mobach.nl Systemhouse Mobach bv - The Netherlands - since 1976 website : http://fred.mobach.nl Safe Harbour for encumbered Free and Open Source software and links: http://apache.dataloss.nl/~fred/ _______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:25 CEST