VPN SuSE 7.0 Routing

David Gillett dgillett at NIKU.COM
Thu Apr 5 17:20:48 EDT 2001


  The only time I've see "A can ping B, B cannot ping A", it turned out to
be a firewall configuration issue.  Are you running ipchains on those boxes?

David Gillett
Senior Network Engineer
Niku Corp.

> -----Original Message-----
> From: VPN Mailing List [mailto:VPN at SECURITYFOCUS.COM]On Behalf Of Uwe
> Scheffold
> Sent: Wednesday, April 04, 2001 9:23 AM
> To: VPN at SECURITYFOCUS.COM
> Subject: VPN SuSE 7.0 Routing
>
>
> Hi out there,
>
> I try to install a VPN with Linux (SuSE 7.0) Computers.
>
> Here is the networksituation:
>
> Net 1  eth0  slave   eth1      internet     eth1 master   eth0 Net 2
> ==========| SuSE 7.0 |--------->|~~~|<---------| SuSE 7.0 |============
> 192.168.2.0    I     217.89.33.11     217.6.96.3    II    192.168.1.0
>
> I use the ssh pppd, system described in miniVPN howto.
>
> The connection between the two computers works fine, but after setup of
> routes, I can only ping from Computer I (net 2) to computer II (net 1). It
> is not possible to ping from II to I and not into the network 1
> and 2. What
> went wrong?
>
> Here are the routing tables. Is anyboby able to see what is wrong here?
>
> Slave
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use
> Iface
> 192.168.101.2   0.0.0.0         255.255.255.255 UH    0      0
>     0 ppp0
> 217.89.33.0     0.0.0.0         255.255.255.0   U     0      0
>     0 eth1
> 192.168.2.0     192.168.101.2   255.255.255.0   UG    0      0
>     0 ppp0
> 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0
>     0 eth0
> 127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
> 0.0.0.0         217.89.33.9     0.0.0.0         UG    0      0
>     0 eth1
>
> Master
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use
> Iface
> 192.168.101.1   0.0.0.0         255.255.255.255 UH    0      0
>     0 ppp0
> 217.6.96.0      0.0.0.0         255.255.255.248 U     0      0
>     0 eth1
> 192.168.2.0     0.0.0.0         255.255.255.0   U     0      0
>     0 eth0
> 192.168.1.0     192.168.101.1   255.255.255.0   UG    0      0
>     0 ppp0
> 127.0.0.0       0.0.0.0         255.0.0.0       U     0      0        0 lo
> 0.0.0.0         217.6.96.1      0.0.0.0         UG    0      0
>     0 eth1
>
>
> Is there a better VPN solution for this network (FreeSwan etc.)?
>
> Best Regards: Uwe Scheffold
>
> VPN is sponsored by SecurityFocus.COM
>

VPN is sponsored by SecurityFocus.COM




More information about the VPN mailing list