[strongSwan] Route VPN server traffic via IPIP tun0

Igor j at owind.com
Wed May 9 11:46:57 CEST 2012


Hi,

I can't change the default route due to the IPIP tunnel depended on
it, the tun0 tunnel to a remote machine.
By added route "route add -net VPNNET netmask VPNMASK gw 10.1.1.1",
the client side shows a diff on traceroute result:

 1  localhost (10.1.1.2)  10.042 ms  12.354 ms  11.069 ms
 2  <normal gateway's next hop>  13.095 ms  12.053 ms  10.590 ms

but it still uses the normal gateway for VPN outgoing traffic.

Bests,
-Igor


On Wed, May 9, 2012 at 1:48 PM, Andreas Muerdter <am at tbits.net> wrote:
> Hello Igor,
>
> did you restart the vpn tunnel after the route add?
> If you change your default route for a test to 10.1.1.1, is this working?
>
> Regards
> Andreas
>
> Igor schrieb am 08.05.2012 um 20:07 Uhr
>
>
>> Hi, Andreas
>>
>> This is a VPN roadwarrior server, I want all the VPN traffic(left
>> side?) route via IPIP tunnel instead of default gateway. " route add
>> -net VPNNET netmask VPNMASK gw 10.1.1.1 " seems not
>>  work here.
>>
>> Bests,
>> -Igor
>>
>>
>> On Tue, May 8, 2012 at 2:18 PM, Andreas Muerdter  wrote:
>
>> > Hi Igor,
>> >
>> > I think you need a route like
>> >
>> >  route add -net VPNNET netmask VPNMASK gw 10.1.1.1
>>
>> >
>> > Regards
>> > Andreas
>> >
>> > Igor schrieb am 07.05.2012 um 20:35 Uhr
>> >
>> >> I have a tun0 interface by IPIP tunnel like:
>> >  >
>> >  > tun0      Link encap:IPIP Tunnel  HWaddr
>> >  >           inet
>> addr:10.1.1.2  P-t-P:10.1.1.1  Mask:255.255.255.255
>> >  >
>> >  > How can I route all VPN traffic through the
>> >  > tun0 interface on the
>> >  > server instead of default route, tried leftnexthop=10.1.1.1
>> but it
>> >  > doesn't work.
>> >  >
>> >  > Thanks!
>> >  >
>> >  > Bests,
>> >  > -Igor
>> >  >
>> >  > _______________________________________________
>> >  > Users mailing list
>> >  >
>> >  > Users at lists.strongswan.org
>> >
>>https://lists.strongswan.org/mailman/listinfo/users
>> >  >
>> >  > ---
>> >  > This message has been scanned for viruses and
>> >  > dangerous content by MailScanner, and is
>> >  > believed to be clean.
>> >  >
>> >
>>  >
>> >
>> >
>> >
>> >
>> >  --
>> > --
>> > Mit freundlichen Grüßen
>> > Best regards
>> >
>> > Andreas Mürdter
>> > IT Systemmanager
>> >
>> > TBits.net GmbH, Seeweg 6, 73553 Alfdorf, Germany
>> > phone: +49 (0)7172 18391-37, fax: +49
>> (0)7172 18391-99
>> > Geschäftsführer: Thomas Börnert, Amtsgericht Stuttgart HRB 281836
>> > USt.-IdNr. DE 207 740 994
>> >
>> >
>>
>> --
>
>> This message has been scanned for viruses and
>> dangerous content by
>> MailScanner, and is
>> believed to be clean.
>>
>>
>
>
>
>
> --
> --
> Mit freundlichen Grüßen
> Best regards
>
> Andreas Mürdter
> IT Systemmanager
>
> TBits.net GmbH, Seeweg 6, 73553 Alfdorf, Germany
> phone: +49 (0)7172 18391-37, fax: +49 (0)7172 18391-99
> Geschäftsführer: Thomas Börnert, Amtsgericht Stuttgart HRB 281836
> USt.-IdNr. DE 207 740 994
>




More information about the Users mailing list