Problems with racoon 0.6.4 and Debian sarge

To: debian-user@lists.debian.org
Subject: Problems with racoon 0.6.4 and Debian sarge
From: Raúl Alexis Betancort Santana <rabs@dimension-virtual.com>
Date: Thu, 26 Jan 2006 08:40:20 +0000
Message-id: <[🔎] 200601260840.20570.rabs@dimension-virtual.com>
Reply-to: rabs@dimension-virtual.com

Hi all, I'm trying to configure a custom's VPN network with Debian 3.1r1 + 
ipsec-tools 0.6.4 and a kernel 2.6.15 with native IPSEC support.

I've able to configure racoon and the remote routers (Draytek Vigor 2500) to 
stablish the VPN tunnel between the Vigor and the Debian machines, and trafic 
goes ok from the central to the branch offices.
But I'm unable to configure the Debian machine to allow a remote branch office 
to comunicate to other remote branch office going throught the central 
office.
Have anyone does this kind of "star topology" with IPSEC VPN tunnels ?, 
basicaly what I whant is that all traffic that goes from one branch office to 
onther goes throught the central one, to be able to apply firewall fules over 
it.

Branch1: 
	Lan: 192.168.0.0/24

Central:
	Lan: 192.168.100.0/24

Branch2:
	Lan: 192.168.2.0/24


I've tryed to put a /16 mask on the tunnel "remote network mask" param of the 
Vigor "LAN-to-LAN VPN Config", but in that case, any traffic goes or comes 
from the tunnel, and I don't know how to use the option that says .. "Use 
this tunnel as default conection", because if I activate it, then I could not 
access the branch's router by it's public internet IP.

Any help would be aprecciated.

Reply to:

Follow-Ups:
- Re: Problems with racoon 0.6.4 and Debian sarge
  - From: Henrique de Moraes Holschuh <hmh@debian.org>

Prev by Date: Re: kde status in Etch
Next by Date: Re: Simple aptitude/apt question
Previous by thread: Re: DVD burner optimization (or how to avoid crappy burns)
Next by thread: Re: Problems with racoon 0.6.4 and Debian sarge
Index(es):
- Date
- Thread