Re: Routing, maybe NAT...
John Von Essen <john@essenz.com> writes:
> The 3 computers are configured with IP's 192.168.1.100-102. They have 192.
> 168.1.1 as the default router address. The *.101 and *.102 machines
> are end user, Mac and Win98. The *.100 is running Debian Linux with
> tunnelv. The machine has 192.168.1.100 as IP, 192.168.1.1 as default
> router. When I startup tunnelv, it adds some stuff to routing tables,
> and obviously allows me to access my work's private network (which is
> a 192.168.42.*). Everything works fine and the Debian box can access
> the private network. But... I now want to provide this same VPN access
> over to my other machines, the Mac and the Win98 box.
>
> So I thought that I could setup the Debian box as a gateway. This is
> what I did:
>
> Set default router address on Mac and Win98 to the Debian box's IP,
> 192.168.1.100. Started up /usr/sbin/routed
>
> With just that done, it didn't work
You don't need routed
enable packet forwarding on the tunnelv host:
echo "1" >/proc/sys/net/ipv4/ip_forward
It is better to leave the default gateway on the win and mac hosts set
to your router and just add a static route for the 192.168.42.0/24
network with the tunnelv host as the gateway.
I don't remember how one does this on windows, (type "route" at a
command prompt), I never knew for the mac but if it is OSX it should
be something sensible.
Of course leaving the tunnel host as their default gateway will work
but it is inneficient as your local machines will forward packets
first to your Debian host which will then forward them to your local
router, turning off the debian box, (does anyone do that? :) would
knock out their inet access.
hth,
jereme
--
+--------------------------------------------------------------+
Jereme Corrado <jereme@restorative-management.com>
System Administrator
Restorative Management Corp.
gpg: 1024D/9C39E1F0
Reply to: