From: AltDNS.net Support (support_at_altdns.net)
Date: Tue Jan 14 2003 - 08:08:34 CET
I have successfully established the ipsec link and can ping from any
OfficeNet machine to the linux gateway. Trying to ping anything beyond
the Linux box fails. Also pinging any OfficeNET IP from the general
Internet also fails. Your interpretation of my desires is correct.
P.S. - The reason why I added the no ridicule part is because I have
posted this question many places and most people simply just say I am
stupid for even trying. If all we wanted was easy and no challenge then
why would we not all just use Microsloft OS's?
-----Original Message-----
From: Christopher Barry [mailto:cbarry_at_infiniconsys.com]
Sent: Tuesday, January 14, 2003 12:05 AM
To: AltDNS.net Support
Cc: users_at_lists.freeswan.org
Subject: Re: [Users] (no subject)
OK. I'll just ridicule your ASCII art then, and well, your grammar could
use a bit of cleaning up as well. :^}
Correct me if I've misinterpreted: You want all traffic from OfficeNet
tunneled to the Linux network - with a *single NIC* - and all traffic
back to - or even straight to OfficeNet from the Internet - to come from
the Linux box back through the tunnel to OfficeNet.
Q: Do you have a tunnel setup from .41 to the linux host already? Have
you tried setting the default route of your OfficeNet boxen to the IP
you've given to your ipsec0 interface? I believe it must be different
than .41, and I'm seriously wondering about the single NIC in the Linux
host.
Good Luck,
-C
On Sun, 2003-01-12 at 09:34, AltDNS.net Support wrote:
> I am trying to do a fairly unusual IPsec tunnel (or at least it must be
> because I can't find any example even closely similar) using FreeS/WAN
> 1.99 and a Cisco 3620 router. An illustration is as follows:
>
>
> ----------------                                                -------------------------
> | OfficeNET    |  --------------------------------              | Linux FreeS/WAN box   |
> | 10.69.141.41 |  | Cisco 3620                   |              |                       |
> |              |--| Internal 10.69.141.40        |-- Internet --| 10.69.140.62/23       |
> | 10.69.141.59 |  | External Some Other PublicIP |              |One Nic Card in Machine|-- Internet
> ----------------  --------------------------------              -------------------------
>
>
> Please note that the 10.69.XXX addresses were modified for this example.
> They are publicly routable IP addresses in real life but for security
> reasons I change them to be 10.XXXXXX addresses. Essentially what I want
> is to have the IP's on the OfficeNET to travel over the tunnel to the
> Linux FreeS/WAN box and then from there access the internet at large. I
> also want incoming IP traffic to the OfficeNET IP's to travel over the
> tunnel to the respective machine. Please note I can not change the IP
> addresses used and neither can I modify anything related to the network
> / routing on the far right side beyond the Linux box. The reason behind
> this network setup won't make sense to most, but please just help figure
> out how to do it instead of ridiculing the setup.
>
> _______________________________________________
> Users mailing list
> Users_at_lists.freeswan.org
> http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Wed Jan 15 2003 - 20:11:39 CET