On Sat, 6 Oct 2007, Layne Evans wrote:
>Hello all,
>
>I am having some trouble with a routing situation that is difficult for
>me to explain, so if you need more info let me know.
>
>vendor -->vendor router<-- Internal LAN Location A -->OBSD GW A<-- Internet
> VPN Between
>Internet -->OBSD GW B<-- Internal LAN Location B
>
> From the above I will try and describe the situation. A vendor has a
>private T1 that terminates through NAT to the customers Internal LAN at
>location A, the IP addresses that this vendor is using are part of there
>public IP space but they are not routable over the Internet just through
>the T1. I have a OpenBSD box at that location that provides internet
>access and routes the block of IPs belonging to the vendor to the
>vendor's router.
>
>There is a VPN between the OpenBSD boxes at both locations which is
>performing fine and I can contact both internal LANs from the other.
>
>The problem that I have not been able to solve is that the workstations
>at location B need to get to the vendor's router at location A using the
>public IPs of the vendor. I have tried using route-to in pf and some
>ideas I had in the routing table, but so far nothing has routed the
>packets over the VPN. I am sure I am missing something basic, but so far
>I have not been able to see it.
>
>Some info: (these are representative IPs)
>Vendor's IP block that need to go over their T1: 207.12.0.0/18
>Internal LAN A: 10.74.10.0/24
>Vendor router Internal LAN IP: 10.74.10.245
>OpenBSD A Internal IP: 10.74.10.254
>OpenBSD A External IP: a.b.c.d
>OpenBSD B Internal IP: 10.76.10.254
>OpenBSD B External IP: w.x.y.z
>
>Any pointers will sure be appreciated.
Maybe I'm missing something, but (given that everything else is working
and assuming that the systems on LAN B have a default route directed to
GW B) wouldn't a static route on GW B for 207.12.0.0/18 pointing to
10.74.10.245 do the job?
Dave
--
Dave Anderson
<[EMAIL PROTECTED]>
