Thanks a lot, that seems a way. I already start creating intermediate routes on the server, traffic starts passing. It is not a convenient solution, but, at least, my task will be solved soon. ipip tunnel is an another option which I should look into, it even may be better to suit my needs. Thanks again, Phil!
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On May 6, 2018 10:52 PM, Phil Frost <[email protected]> wrote: > That's simply not how IP works. Without any special options, the IP header > doesn't contain the path, but only the final destination. Nominally, the path > is determined independently by each router deciding what the next hop is, and > adjacent routers are on the same L2 network (which may be a point-to-point > ethernet link of only two hosts, or in your case, a virtual one implemented > as an IPsec tunnel.) > > The canonical solution would be to have a route on the server (10.10.1.1, I > think it was?). Other ideas involve an ipip tunnel between the clients > (10.10.3.1 and 10.10.2.1), or possibly you can do something with IP source > routing options.
