Now you need to setup IP Passthrough filters. Mike Burden Lynk Systems http://www.lynk.com (616)532-4985 [EMAIL PROTECTED]
> -----Original Message----- > From: Gene Huske [mailto:[EMAIL PROTECTED]] > Sent: Saturday, June 15, 2002 8:26 PM > To: [EMAIL PROTECTED] > Subject: [gb-users] Yet another VPN configuration question > > > I've been trying to get VPN to work between two GB-1000 > units. It shouldn't > be this difficult. I know I'm missing something simple. > > Configurations: > > GB-1000 #1 (version 3.2.1) > > Protected network: 192.168.1.0/24 Interface: 192.168.1.1 > External network: 1.1.1.0/29 Interface: 1.1.1.1 > > VPN local gateway: 1.1.1.1 Remote gateway: 2.2.2.1 > Local network: 192.168.1.0/24 Remote network: > 192.168.2.0/24 > > > GB-1000 #2. (version 3.2.5s) > > Protected Network: 192.168.2.0/24 Interface 192.168.2.1 > External Network: 2.2.2.0/29 Interface 2.2.2.1 > > VPN remote gateway: 1.1.1.1 Remote network: 192.168.1.0 > > Note: In version 3.2.1 there are boxes for both local and > remote gateway > and networks. In version there are boxes for only remote gateway and > network. And that makes sense to me. > > Both GB-1000 boxes show an active VPN connection to the > remote GB-1000 in a > 'mature' state. > > My hang up is that I don't understand how to route packets to > the remote > network. According to the VPN documentation, outbound > destination addresses > are compared to the remote network addresses defined in the > VPN section, and > if there is a match, and if there is an appropriate IP pass > through rule, > the packet is sent through the tunnel. > > If while I am logged on to GB-1000 #2 I do a trace route to > 192.168.1.1, the > packet is sent out the external port because there is no > route for that > address. It uses the default route. My understanding is > that because it is > within the remote network defined for the VPN, it should be > routed through > the tunnel. > > Now for my question. What do I need to do to get packets for > a remote VPN > network routed through the VPN tunnel? > > > > > > > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > To subscribe to the digest version first unsubscribe, then > e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > Archive of the last 1000 messages: > http://www.mail-archive.com/[email protected] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/[email protected]
