Hi, I want to connect two satellite offices to a main office using openswan and ipsec vpn.
SatSite1 --- Main --- SatSite2 192.168.30.0/24 --- 1.1.1.1 --- 2.2.2.2 --- 192.168.20.0/24 --- 2.2.2.2 --- 3.3.3.3 --- 192.168.25.0/24 Where 1.1.1.1, 2.2.2.2, and 3.3.3.3 are the public ip addresses of the three sites I have successfully got the VPNs working between the the two satellite sites and the main site but I can't figure out how to route traffic from one satellite site to the other. From host1 in SatSite1 I can ping host2 in Main but not host3 in SatSite2 Host1 (192.168.30.X) can ping 192.168.20.X but can't ping 192.168.25.X Adding a route at either end gives an error message ip route add 192.168.25.0/24 via 192.168.20.254 RTNETLINK answers: No such process Even though I can ping the system ping 192.168.20.254 PING 192.168.20.254 (192.168.20.254) 56(84) bytes of data. 64 bytes from 192.168.20.254: icmp_seq=1 ttl=64 time=49.6 ms Routing table on SatSite1 router 1.1.1.0/24 dev eth1 proto kernel scope link src 1.1.1.1 192.168.20.0/24 via 1.1.1.254 dev eth1 192.168.30.0/24 dev eth0 proto kernel scope link src 192.168.30.254 169.254.0.0/16 dev eth1 scope link default via 1.1.1.254 dev eth1 I could add yet another vpn from SatSite1 to SatSat2 but it doesn't scale well. ps, I know this is slightly off topic. Any pointers would be helpful. Thanks ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
