[strongSwan] Strongswan 4.5.1 IKE V2 - ip route result

CETIAD - Fabrice Barconnière fabrice.barconniere at ac-dijon.fr
Fri Mar 18 13:45:51 CET 2011


I think it's not a route problem but iptables rules missing.
I'm in test configuration and my DNS server has IP 192.168.232.2 
(include in remote subnet but not physically in this subnet).

Don't pay attention to my message.


Le 18/03/2011 10:32, CETIAD - Fabrice Barconnière a écrit :
> Hello,
>
> I have two gateways with eth0 subnet address 192.168.10.0/25 and gateway
> address 192.168.10.1.
>
> Amon:
> eth0: 192.168.10.10/25
> eth1: 10.21.11.1/24
> eth2: 172.16.0.0/24
> eth3: 10.121.11.1/24
>
> Sphynx:
> eth0: 192.168.10.5/25
> eth1: 172.30.107.5/25
> Other subnets via eth1 behind a router:
> 10.0.0.0/8
> 192.168.0.0/16
> 172.16.0.0/12
>
> Amon gateway must access remote network 192.168.0.0/16 behind the other
> Sphynx gateway.
>
> On Amon, when tunnels are up, "ip route get 192.168.10.1" command shows :
> 192.168.10.1 via 192.168.10.5 dev eth0  src 10.121.11.1
> And internet access is impossible.
>
> After setting down tunnel Amon_eth1 --- Sphynx_192.168.0.0/16, "ip route
> get 192.168.10.1" command shows :
> 192.168.10.1 dev eth0  src 192.168.10.10
> And internet access is OK but the tunnel is down.
>
> Is it possible to have this configuration ?
> Or is it impossible for eth0 address to be included in a remote subnet ?
> If it's possible to have eth0 network included in a remote subnet
> address how can we configure this ?
> For information I use sqlite database.
>
> Regards
> Fabrice Barconnière
> CETIAD
> Rectorat de DIJON
>
> _______________________________________________
> Users mailing list
> Users at lists.strongswan.org
> https://lists.strongswan.org/mailman/listinfo/users
>




More information about the Users mailing list