Re: Cisco VPN Client.
Vicente Ferrando, 2003-Mar-24 16:12 +0100:
> Good afternoon,
>
> I'm using Cisco VPN client to connect a Debian box to a Cisco VPN 3005.
> I've got the client configured and working for this computer. But I want
> this linux box act like a router, making the tunnel available to the
> rest of the LAN connected to this box.
>
> This is what I've working right now:
>
> Linux box ---> Internet --->Cisco 3005 --->Lan2
>
> And what I want to:
>
> Lan1--->Linux box ---> Internet --->Cisco 3005 --->Lan2
>
> I want Lan1 to access Lan 2 using the tunnel stablished between Linux
> box and 3005.
>
> I've set Ip_forwarding to 1 on the Linux but the problen is that I'm
> not able to add any route through the cipsec0 device created by the
> Cisco VPN client. And the traffic received on the eth0 is forwarded to
> the default gateway bypassing the tunnel.
>
> May be it is not necessary to and any route to Lan2 as the VPN client
> creates a route LAN2. But I'm not sure is forwarding process is aware of
> routes not shown by "ip route show".
>
> Any help on how to get this working would be appreciated. Or if anyone
> knows if this is not posible with the Cisco client.
>
> Kind regards.
You should check the feature set for that client because it may not
allow forwarding to the IPSec tunnnel interface from anywhere other
than the local machine. I know other clients do not allow this, not
because they can't, but because the company providing the client wants
you to buy something else, more expensive, to provide such a service.
Cisco is very good at this too.
jc
--
Jeff Coppock Systems Engineer
Diggin' Debian Admin and User
Reply to: