Routing between VPN subnets|
Mon, 6 Dec 2004 09:44:54 -0800|
I am having a little routing problem after setting up my VPN with cipe.
I have two locations (lets call them A and B) that I connect with a cipe
Both locations consist of a bunch of nodes, of which one on each side is the
tunnel end point.
Both locations have static real official IPs. I then introduced local IPs
(192.168.1.0/24 for location A and 192.168.101/24 for location B). The
router in location A has the special routing that sends all the traffic with
a 192.168.101.0/24 destination through the tunnel access point. The other
side is set up identically. However, my problem is that traffic going from
the nodes in location A still has the official real IP as origin IP, not the
VPN IP. So on the way back, instead of taking the tunnel again, location B
sends the response to the official address rather than the VPN address of
location A, because the official location A Ips don't get routed through the
tunnel. This causes the response to be lost.
What do I have to do to fix this problem? I figured it would be easiest to
just have the origin node use its VPN address as origin address rather than
its official address - the question is how do I do that? I tried changing
the subnet mask of location A to /16 rather than /24, but that didn't change
I am using Fedora Core 1, in case that's important...