<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: <cipe-l,AT,inka,DOT,de>
Subject: Routing between VPN subnets
From: "Mark" <msalists,AT,gmx,DOT,net>
Date: Mon, 6 Dec 2004 09:44:54 -0800
Importance: Normal

Hi,

I am having a little routing problem after setting up my VPN with cipe.
I have two locations (lets call them A and B) that I connect with a cipe
tunnel.
Both locations consist of a bunch of nodes, of which one on each side is the
tunnel end point.

Both locations have static real official IPs. I then introduced local IPs
(192.168.1.0/24 for location A and 192.168.101/24 for location B). The
router in location A has the special routing that sends all the traffic with
a 192.168.101.0/24 destination through the tunnel access point. The other
side is set up identically. However, my problem is that traffic going from
the nodes in location A still has the official real IP as origin IP, not the
VPN IP. So on the way back, instead of taking the tunnel again, location B
sends the response to the official address rather than the VPN address of
location A, because the official location A Ips don't get routed through the
tunnel. This causes the response to be lost.

What do I have to do to fix this problem? I figured it would be easiest to
just have the origin node use its VPN address as origin address rather than
its official address - the question is how do I do that? I tried changing
the subnet mask of location A to /16 rather than /24, but that didn't change
anything.

I am using Fedora Core 1, in case that's important...

Thanks,

MARK


<< | Thread Index | >> ]    [ << | Date Index | >> ]