[EMAIL PROTECTED] wrote: > > This sounds like the problem I was having with SNMP data. The packets vent > out the VPN with the source address of the external interface not the > internal. The solution was to modify the _updown script to include the > source address in the route command, or you can change the route statement > after the tunnel has been created with an ip route change command. > Basically it looks like this: > > ip route change RIGHT_SUBNET via LEFTDEFAULTGATEWAY (or > LEFT_NEXT_HOP) src LEFT_NETWORK_INTERFACE dev ipsec0 > > Try it. It'll only take a couple minutes to find out if it works for you.
Excellent! I am going to lose sleep this weekend re-reading the advanced routing howto's . . . "Michael D. Schleif" wrote: > > OK, we have two (2) DCD's setup across the internet. Both are running > nmb-207.lrp to investigate samba vs. wins functionality. Both happen to > be ipsec gateways. [ snip ] > timeout connecting to 192.168.1.254:139 > timeout connecting to 192.168.123.254:139 > > The timeout repeats every ~15 minutes. Notice, trout == 192.168.123.254 > and bluetrout == 192.168.1.254 ; while 192.168.1.101 is a w2k domain > controller. OK, progress ;> If local master = yes, then we get the timeout connecting errors. Do we need to open netbios ports on samba servers? Which: 137, 138, 139? Is there away with DCD to open these *only* on the internal network? What do you think? -- Best Regards, mds mds resource 888.250.3987 Dare to fix things before they break . . . Our capacity for understanding is inversely proportional to how much we think we know. The more I know, the more I know I don't know . . . _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
