secvpn routing issue
Greetings,
Okay gang, I need help again. I'm doing the vpn thing with secvpn. I've
got routing issues. Let me first run down the systems:
System #1 (foo)
----------------------
Linux foo 2.4.12 #1 Wed Nov 21 08:34:48 CST 2001 i686 unknown
running on fairly recent woody
eth1 Link encap:Ethernet HWaddr 00:50:BA:F3:EC:3A
inet addr:192.168.100.100 Bcast:192.168.100.255
Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:392228 errors:0 dropped:0 overruns:0 frame:0
TX packets:172 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:24167762 (23.0 Mb) TX bytes:38967 (38.0 Kb)
Interrupt:9 Base address:0xef20
ppp0 Link encap:Point-to-Point Protocol
inet addr:10.1.1.1 P-t-P:10.1.1.2 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:3857 errors:1 dropped:0 overruns:0 frame:0
TX packets:3850 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3
RX bytes:323536 (315.9 Kb) TX bytes:323124 (315.5 Kb)
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
10.1.1.2 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.100.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
172.16.0.0 10.1.1.2 255.255.0.0 UG 0 0 0 ppp0
Chain input (policy ACCEPT):
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):
This machine is the initiator for the secvpn vpn. I've removed the
references to internet for obvious reasons.
System #2 (bar)
------------------------
Linux bar 2.2.19 #1 Thu Nov 1 19:52:06 EST 2001 i586 unknown
running on fairly recent potato
eth1 Link encap:Ethernet HWaddr 00:08:C7:05:61:36
inet addr:172.16.1.43 Bcast:172.16.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
Interrupt:11 Base address:0x8000
ppp0 Link encap:Point-to-Point Protocol
inet addr:10.1.1.2 P-t-P:10.1.1.1 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:6638 errors:0 dropped:0 overruns:0 frame:0
TX packets:6645 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:10
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
10.1.1.1 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
192.168.100.0 10.1.1.1 255.255.255.0 UG 0 0 0 ppp0
172.16.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
Chain input (policy ACCEPT):
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):
This machine is the recipient for the secvpn vpn. I've removed the
references to internet for obvious reasons.
So here's the scoop. I can ping 172.16.1.43 from foo, and I can ping
192.168.100.100 from bar. I can ssh to and from both, and they connect
without a hitch. The problem is that I can't ping 192.168.100.1 from bar,
and I cannot 172.16.1.1 from foo. If I try to traceroute 192.168.100.1 from
bar it gets as far as 10.1.1.1 and dies out. Help, help, help.
Thanks,
Brooks
Reply to: