[plug] Routing... through VPN
Bernd Felsche
bernie at innovative.iinet.net.au
Tue Aug 3 10:14:17 WST 2004
I have a VPN tunnel (OpenVPN) working between two sites but have a
small problem with routing out from one site to another, through the
tunnel.
In order to facilitate the VPN in addition to a real private
network, I've overlaid a new set of private IP addresses for key
hosts, so the topology looks something like this:
+-----------------+        +-----------------+
| Server A        |  LAN   | Firewall A      |
| VPN 10.0.9.1    |--------| VPN 10.0.9.9    |
| LAN 192.168.9.1 |        | LAN 192.168.9.9 |
+-----------------+        | TUN 10.1.0.9    |
     |                     +-----------------+
     | LAN                         ||
     |                             || Internet
  [Cisco]                          ||
     |                     +-----------------+
     | Frame Relay         | Firewall+Serv B |
  [Cisco]                  | VPN 10.0.8.1    |
     | LAN                 | LAN 192.168.8.1 |
     +---------------------| TUN 10.1.0.8    |
                           +-----------------+
Firewall A is the default gateway for Server A
IP forwarding is ON at Firewall A.
I can ping, ssh, etc to Firewall A's VPN address from Firewall B.
I can ping, ssh, etc to Server A's VPN address from Firewall B.
I can ping, ssh, etc to Firewall B's VPN address from Firewall A.
Problem:
I can't ping Firewall B's VPN or TUN address from Server A.
A traceroute stops at Firewall A.
Routing on Firewall A is essentially a mirror of that on Firewall B.
What could I have missed?
--
/"\ Bernd Felsche - Innovative Reckoning, Perth, Western Australia
\ / ASCII ribbon campaign | I'm a .signature virus!
X against HTML mail | Copy me into your ~/.signature
/ \ and postings | to help me spread!