Date: Fri, 30 Nov 2001 16:29:42 -0500 (EST)
From: "Christopher J. Michaels" <cjm2@27in.tv>
To: <freebsd-questions@freebsd.org>
Subject: Routing over an IPSEC tunnel.
Message-ID: <2610.216.153.202.45.1007155782.squirrel@www.27in.tv>
Hello,

I have what seems to be (but shouldn't) a fairly complex routing problem that I was hoping I could get some assistance on. I couldn't find anything in the archives on this.

I have 3 private networks that are all connected through IPsec (ESP) tunnels (over the Internet). The individual tunnels are all working fine.

10.0.0/24     [FreeBSD 4.4-STABLE]
10.2.1/24     [FreeBSD 4.4-STABLE]
192.168.0/24  [Linux w/ FreeS/WAN]

The current config is as follows:

[10.0.0.1]  <-tunnel-> [10.0.2.1]  <-tunnel-> [192.168.0.1]
[10.0.0/24]            [10.0.2/24]            [192.168.0/24]

10.0.0/24 can talk to 10.0.2/24 just fine and 10.0.2/24 and 192.168.0/24 can talk just fine.

What I would like to do is route the two outer networks through 10.0.2.1. I can't seem to make this work, any assistance would be appreciated. I can't write a route statement that will pass the traffic through.

Thanks,
--Chris

p.s. Just to be clear, while I am using nat to route the private nets to the Internet, I am NOT using nat to route the private networks together, this is evidenced by the fact that my tunnels work even when I flush my ipfw rules.

ed0 is my public interface.
rl0 is my LAN interface.

=============================

The output of 'netstat -nr' is as follows (public ips are masked with 'xx'):

Internet:
Destination        Gateway            Flags     Refs     Use     Netif Expire
default            xx.xx.xx.xx        UGSc       20  1953740      ed0
10/24              10.0.2.1           UGSc        1      227      rl0
10.0.1/24          10.0.2.1           UGSc        2    16975      rl0
10.0.2.0           ff:ff:ff:ff:ff:ff  UHLWb       0       97      rl0 =>
10.0.2/24          link#2             UC          3        0      rl0
10.0.2.1           127.0.0.1          UH         19    14278      lo0
10.0.2.253         0:a0:cc:36:33:93   UHLW        4  1152013      rl0    735
10.0.2.255         ff:ff:ff:ff:ff:ff  UHLWb       1    11812      rl0
xx.xx.xx/22        link#1             UC          2        0      ed0
xx.xx.xx.xx        0:b0:64:b7:97:54   UHLW       20    28176      ed0   1199
xx.xx.xx.xx        0:0:e8:e0:f8:ec    UHLW        0    28565      lo0
127.0.0.1          127.0.0.1          UH          3   182417      lo0
192.168.0          10.0.2.1           UGSc        1     1102      rl0

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message