On Fri 02/07/2004 at 12:15, Arya wrote:
> It's not select() that's the problem. It's the default routing table :)
> ipsec will add a route for the netmask of eth0 to be 'redirected' to the ipsec 
> interface, but it won't add any other routes. Thus, if the packet isn't from 
> the same subnet, it gets routed through the usual default gateway, which is 
> likely external to the box.
That's true, but you can do source routing for that (reply to the same
interface where the request comes from).

As I remember, my box was configured as follows:

        eth0 (10.0.0.10)      -> DSL for multipurpose
        eth1 (81.255.xxx.xxx) -> DSL for VPN
        eth2 (192.168.3.1)    -> local subnet

        default route was to eth0 (internet access)

I added source routing: packets which come from 81.255.xxx.xxx
are routed to eth1 (ip add route from 81.255.xxx.xxx lookup etc ...)

I tried to connect with ssh from an external box to 81.255.xxx.xxx:
successful.

I tried to connect with L2TP/IPSec from a Windows XP machine to
81.255.xxx.xxx: IPSec SA established but l2tpd not responding
(the select() problem).

I tried to send UDP packets to 81.255.xxx.xxx using the port of l2tpd
(don't remember): select() detects these and l2tpd is answering. So,
no problem.

I think this isn't a VPN configuration problem, since when I
change the default route to use eth1 (VPN dedicated DSL) in place of
eth0 (internet) all works like a charm.

Am I clear enough?
What do you think?
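
The source-routing setup described in this message, modelled as an added example (not code from the original post or from the l2tpd or ipsec projects): a small route-lookup model showing which interface a reply leaves by, with and without a source rule. The addresses 203.0.113.10 and 198.51.100.7, the separate VPN table and all function names are assumptions, since the post masks the eth1 address and does not give its rule or table.

```python
import ipaddress

# Constructed stand-ins: the post masks eth1's address (81.255.xxx.xxx) and
# names no gateways or table, so documentation addresses are used instead.
VPN_ADDR = "203.0.113.10"   # stand-in for the eth1 address
CLIENT = "198.51.100.7"     # constructed external client

MAIN = [                    # (destination prefix, outgoing interface)
    ("10.0.0.0/24", "eth0"),
    ("203.0.113.0/24", "eth1"),
    ("192.168.3.0/24", "eth2"),
    ("0.0.0.0/0", "eth0"),  # default route: multipurpose DSL
]
VPN_TABLE = [("0.0.0.0/0", "eth1")]  # hypothetical extra table for the VPN DSL

def longest_match(table, dst):
    """Interface of the most specific route in `table` covering dst, or None."""
    addr = ipaddress.ip_address(dst)
    best = None
    for prefix, dev in table:
        net = ipaddress.ip_network(prefix)
        if addr in net and (best is None or net.prefixlen > best[0]):
            best = (net.prefixlen, dev)
    return best[1] if best else None

def egress(rules, src, dst):
    """Walk the rules in order; the first rule whose source selector matches
    and whose table has a route for dst decides the outgoing interface."""
    for selector, table in rules:
        if selector is None or ipaddress.ip_address(src) in ipaddress.ip_network(selector):
            dev = longest_match(table, dst)
            if dev is not None:
                return dev
    return None

WITHOUT_RULE = [(None, MAIN)]                              # main table only
WITH_RULE = [(VPN_ADDR + "/32", VPN_TABLE), (None, MAIN)]  # source rule first

if __name__ == "__main__":
    for name, rules in (("main table only", WITHOUT_RULE), ("with source rule", WITH_RULE)):
        for src in (VPN_ADDR, "10.0.0.10"):
            print(f"{name}: reply from {src} to {CLIENT} leaves via {egress(rules, src, CLIENT)}")
```

In this model the source rule only changes the path of replies whose source address is the eth1 address; a reply sent with any other source still follows the default route on eth0.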
