[plug] IPsec and MTU
Bernard Blackham
bernard at blackham.com.au
Wed Nov 24 18:11:57 WST 2004
On Wed, Nov 24, 2004 at 12:24:19PM +0800, Adrian Woodley wrote:
> Minus-Tirith:~# ping -I 192.168.1.1 192.168.2.1
> PING 192.168.2.1 (192.168.2.1) from 192.168.1.1 : 56(84) bytes of data.
> 64 bytes from 192.168.2.1: icmp_seq=1 ttl=64 time=30.7 ms
>
> I can't SNAT the gateway's address as SNAT applies to POSTROUTING, ie
> after the packet should be on the VPN.
>
> Any ideas on how I can get the ICMP packets to be sent from the LAN
> address and be transmitted over the VPN?
Using iproute2:
ip route add 192.168.2.0/24 via gateway.ip (or dev) src 192.168.1.1
The src bit on the end should do the trick.
Bernard.
--
Bernard Blackham <bernard at blackham dot com dot au>
More information about the plug
mailing list