[strongSwan] Connection works, but no access to network
Tobias Brunner
tobias at strongswan.org
Tue Jul 30 19:21:06 CEST 2013
Hi Gregg,
First, let me point out the "Forwarding and Split-Tunneling" guide on
our wiki [1].
> iface eth0 inet static
> address 192.168.1.102
> netmask 255.255.255.0
> gateway 192.168.1.1
> network 192.168.1.0
> broadcast 192.168.1.255
> dns-search XXXX.com
> dns-nameservers XXX.XXX.XXX.XXX
Do the hosts behind the VPN gateway (192.168.1.0/24) know that they have
to send packets for 192.168.200.160/28 to your VPN gateway at
192.168.1.102 and not the default gateway at 192.168.1.1? If not, you
will have to change the routing somehow, for instance, add a route to
each host behind the VPN (manually, or e.g. via DHCP option 121), or add
a static route on your default gateway that directs the traffic to your
VPN gateway.
Regards,
Tobias
[1]
http://wiki.strongswan.org/projects/strongswan/wiki/ForwardingAndSplitTunneling
More information about the Users
mailing list