"'Andreas Grabner'" <andreas,AT,grabner-it,DOT,at>|
RE: Routing between VPN subnets|
Wed, 8 Dec 2004 09:37:29 -0800|
Well, it works if I add the respective routing to each machine at location A
and location B.
I just wanted to avoid having to setup special routing on each computer, I
just wanted to do a routing in the router itself and that's it.
But I guess that only works if I NAT the real origin IP back to the
corresponding VPN IP in the router, which will be a pain as well -
especially since there is already a whole bunch of other mapping going on in
So I guess I will just configure the routing everywhere for now...
> -----Original Message-----
> From: Andreas Grabner [mailto:grabner,AT,grabner-it,DOT,at On
> Behalf Of Andreas Grabner
> Sent: Tuesday, December 07, 2004 11:15 PM
> To: Mark
> Subject: Re: Routing between VPN subnets
> have the same setup and it works, so make shure there is no mistake.
> On Mon, Dec 06, 2004 at 09:44:54AM -0800, Mark wrote:
> > Both locations have static real official IPs. I then
> introduced local IPs
> > (192.168.1.0/24 for location A and 192.168.101/24 for
> location B). The
> > router in location A has the special routing that sends all
> the traffic with
> > a 192.168.101.0/24 destination through the tunnel access
> point. The other
> > side is set up identically. However, my problem is that
> traffic going from
> > the nodes in location A still has the official real IP as
> origin IP, not the
> > VPN IP. So on the way back, instead of taking the tunnel
> again, location B
> > sends the response to the official address rather than the
> VPN address of
> > location A, because the official location A Ips don't get
> routed through the
> > tunnel. This causes the response to be lost.
> i would do routing lije this:
> Location A:
> route add -net 192.168.101.0/24 gw "cipe_ppp_adress" # where
> cipe_ppp_adress should be also an local address.
> Location B:
> route add -net 192.168.1.0/24 gw "This-site-cipe_ppp_adress"
> cipes ppp address is shown with
> ifconfig cipcb0
> do your Cipe interface a transit network?
> Andreas Grabner