Hi, Yes that does work and is the problem as mentioned, but I don't
know how to change the source address for the 'netcat' command payload?
Ping was just a test to see what is going on..
Cheers, Andy.
On Thu 04 Jul 2013 14:08:41 BST, Anders Berggren wrote:
When I try to do a ping or otherwise on the remote firewalls to the head office
lan, I get a 'no route to host' error which implies that the IPSec vpn policy
route which can be seen in the 'route show' is not being used as the source IP
of the ping/payload is not going to have the firewalls internal LAN addres to
match the policy route etc..
Perhaps you've created flows from our LAN network range only? If so, for a ping
to work, you need to specify the local IP, like
ping -I 192.168.1.1 192.168.2.1
Make sure you originate the traffic from an IP included in the flow
specification.
