FreeSWAN should add the tunnel routes for you, is that what you are using? Try removing that first route and use 13.2:

ip route add 204.239.225.162/32 via 192.168.13.2

You need iproute2 for the ip command, but it's much more powerful. For example, ip route get [address] [from] [iif] [oif] would help you to troubleshoot this problem.

Wade.

On Wed, 2003-02-05 at 09:19, Kevin Anderson wrote:
> I have a routing issue that I can't figure out.
>
> Here's the situation. Unless spelled out in full, IPs are
> 192.168.X.X/24
>
> Desktop ------- IPCOP1 ======= IPCOP2 --------- IPCOP3 ======== Server.
> 14.100    LAN   14.1     VPN   13.1      LAN    13.2  Untrusted 204.239.225.162
>
> I can Ping from the desktop to IPCOP3, (192.168.14.100 to
> 192.168.13.2), however I can't reach Server.
>
> Here's what I've done that should matter.
>
> outbound.
> IPcop 1 has a route to 204.239.225.162/32 on dev ipsec0 (I can't ping
> the next hop, so I can't add the route)
> IPcop2 has a route for 204.239.225.162/32 to IPcop3
> IPcop3 has a route to 204.239.225.162/32 on eth1
>
> inbound.
> IPcop3 has a default route of IPcop2
> IPcop2 has a route for 192.168.14.0/24 across the VPN to IPcop 1
> IPcop1 is in the same LAN as Desktop.
>
> Here's the situation.
> Desktop can ping IPcop3, (anything in the 13.0 LAN.)
> Anything in the 13.0 LAN can ping Desktop.
> Desktop cannot reach server.
> Server is not mine, so I can't test the reverse, but I suspect it'll
> fail.
> The 13.0 LAN can reach Server.
>
> This connection gets NATted at IPcop3
>
> Thanks In Advance
> Kev.
