[plug] Routing problem with PPTP VPN
Paul Dean
paul at canningcollege.wa.edu.au
Sat Feb 9 19:12:49 WST 2002
On Sat, 9 Feb 2002, Jeremy Malcolm wrote:
> Just wanting to get one or two fresh pairs of eyes to look at this problem,
> because I'm out of ideas for now.
>
> .--[]-[]-[] 192.168.0.0/24 LAN .--[]-[]-[] 192.168.1.0/24 LAN
> | |
> .----------. ppp0 .--------. ppp0 .-------.
> .--|Kalgoorlie|-----( Internet )-----| Perth |--.
> | `----------' `--------' `-------' |
> | 192.168.0.1 192.168.0.40|
> `------------------ PPTP VPN -------------------'
> (/dev/ppp1)
>
> Perth's gateway machine can ping Kalgoorlie fine over the VPN and vice versa.
> All of the machines on Perth's network can ping the Internet fine over IP
> Masquerading. But, none of the machines on Perth's network apart from the
> gateway can ping Kalgoorlie over the VPN.
>
> The routing table looks thus (irrelevant fields snipped):
>
> Kernel IP routing table
> Destination Gateway Genmask Flags Iface
> 192.168.0.1 * 255.255.255.255 UH ppp1
> terminus.net.au * 255.255.255.255 UH ppp0
> 192.168.1.0 * 255.255.255.0 U eth0
> 192.168.0.0 192.168.0.1 255.255.255.0 UG ppp1
> default terminus.net.au 0.0.0.0 UG ppp0
>
You need to change you ppp1 device IP's to it own network, you can't
route over an existing broadcast address, well you could but it will be
a one way afair.
This looks like Perth's route table? yes?
If it is where is the route for 192.168.0.40 --> space....so your
traffic disappears.
Your internal LAN IP is fine I would suggest using 172.16.0.1 for Perth
ppp1 and 172.16.0.2 for Kal, this will separate the networks but
maintain the netmask/broadcast addresses.
Then you add to your route table the addresses and GW retrospectively.
> Firewalling problems have been ruled out.
>
> TIA
>
>
--
Paul Dean.
Canning College IT Support.
More information about the plug
mailing list