Hi all I have specific problem with routing trough VPN links. Linux firewall, 2 interfaces, one is LAN eth0 on C class 192.168.254.0/24, other is WAN eth1 with fixed public IP address, lets say it's 200.12.12.12
On firewall I have IPSEC LAN-to-LAN VPN tunnel with remote network 10.10.0.0/16, lets call it SiteA On firewall I have one more PPTP tunnel with remote network 192.168.20.0/24 with NAT on ppp85 interface, lets call it SiteB Both tunnels are properly set up inside Shorewall and working OK. On SiteB I have to reach 2 hosts with IP addresses 10.10.10.1 and 10.10.11.1 - addreses from SiteA network Here is entry in /etc/shorewall/masq ppp85:192.168.20.0/24 192.168.254.0/24 ppp85:10.10.10.1 192.168.254.0/24 192.168.20.220 ppp85:10.10.11.1 192.168.254.0/24 192.168.20.220 I added routes to those 2 hosts trough ppp85 interfaces but traffic from LAN is not redirected trough PPTP link - it still goes trough IPSEC link. Routing table looks like this: 10.10.10.1 192.168.20.220 255.255.255.255 UGH 0 0 0 ppp85 10.10.11.1 192.168.20.220 255.255.255.255 UGH 0 0 0 ppp85 10.10.0.0 212.92.196.77 255.255.0.0 UG 0 0 0 eth1 When I ping from firewall (ping goes directly trough ppp85 interface) i can reach those 2 hosts trough PPTP tunnel on SiteB but when I ping from my LAN or from firewall LAN interface traffic goes trough IPSEC link on SiteA and hosts are not reachable. How can I reach those 2 hosts from LAN trough PPTP VPN link? Thanks, regards LaserLine mail poruka *Ivica Glavocic* [email protected] <mailto:[email protected]> ------------------------------------------------------------------------------ See everything from the browser to the database with AppDynamics Get end-to-end visibility with application monitoring from AppDynamics Isolate bottlenecks and diagnose root cause in seconds. Start your free trial of AppDynamics Pro today! http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
