Date: Mon, 15 Jul 2002 16:53:03 +0900 From: Shoichi Sakane <sakane@kame.net> To: vulture@consult-scs.com Cc: freebsd-net@FreeBSD.ORG Subject: Re: IPSEC Tunnel Message-ID: <20020715165303Y.sakane@kame.net> In-Reply-To: Your message of "Tue, 09 Jul 2002 22:07:40 -0700" <3D2BC11C.2000508@consult-scs.com> References: <3D2BC11C.2000508@consult-scs.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Is it not possible to have the internal ip addresses of the tunnel > machines talk with other internal addresses on the other side of the tunnel? > Example Set Up: > Packets from say 192.168.0.2 to 192.168.1.1 and back > (192.168.0.0/24 Lan)-(192.168.0.1 Internal)->(200.0.0.1 > Interface)===IPSEC TUNNEL===(200.0.0.2 Inteface)<-(192.168.1.1 > Internal)-(192.168.0.1/24 Lan) > > I can see the packets from 192.168.0.2->192.168.1.1 under tcpdump of > 200.0.0.2 as a (ipip) Packet from 200.0.0.1->200.0.0.2 having > 192.168.0.2->192.168.1.1 listed but the packet just seems to disappear > after that. It does not show up under lo0 or the internal interface. because the network behind the gateway 200.0.0.2 is 192.168.0.1/24 as you descirbed. any packet to 192.168.1.1 can not be routed by 200.0.0.2. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020715165303Y.sakane>