Hi Mitja,
When I add the route manually, it works like a charm.
But after that, all machines on my LAN ping with the following form
(Redirect Host). What does it mean? For me, the router rewrites the
destination, which creates overhead.
$ ping 192.168.10.1
PING 192.168.10.1 (192.168.10.1): 56 data bytes
36 bytes from 192.168.20.254: Redirect Host(New addr: 192.168.20.254)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 85ff 0 0000 40 01 4b56 192.168.30.2 192.168.10.1
Cheers, Aurelien
On 02/10/2014 04:03 PM, Mitja Muženič wrote:
A simple trick is to add a manual route for the remote LAN to the internal
interface of your router.
-----Original Message-----
From: [email protected] [mailto:[email protected]] On Behalf
Of Aurelien Martin
Sent: Monday, February 10, 2014 3:59 PM
To: [email protected]
Subject: reach a remote LAN through IPSEC from the router
Dear all,
I'm linked to another LAN through IPSEC. Everything is working except
if I try to reach the remote LAN from my OpenBSD router.
In this case, the router uses the default interface (wan) instead of the
IPSEC tunneling.
I would like to be able to reach the remote LAN due to a service on the
router that needs to reach it.
Please see the logs in the attachments (schema-and-logs.txt +
ipsec-pf-route.txt).
Any ideas?
I already tried to add a dirty route that works, but it creates overhead:
$ ping 192.168.10.1
PING 192.168.10.1 (192.168.10.1): 56 data bytes
36 bytes from 192.168.20.254: Redirect Host(New addr: 192.168.20.254)
Vr HL TOS Len ID Flg off TTL Pro cks Src Dst
4 5 00 0054 85ff 0 0000 40 01 4b56 192.168.20.2 192.168.10.1
Have a good day
Cheers, Aurelien