On Wed, 8 Aug 2001, Christoph Egger wrote:
Hi!
I wanna set up a VPN using FreeS/WAN through two Gateways (both are SuSE Linux 7.2 machines, btw).
The network is this:
Subnet 192.168.2.0 ------- 192.168.2.200 Gateway 62.180.107.61 ^ | tunnel | v 62.180.107.60 Gateway Subnet 192.168.2.91 ------- 192.168.2.0
I got the tunnel. But I can send NOTHING over it. When I enable debugging with "ipsec klipsdebug --set rcv" then I get the message, that I don't use IPSEC packets. As far as I understand the documentation FreeS/WAN should generate IPSEC packets by automatically encapsulating any kind of packets. Enabling debugging with "ipsec klipsdebug --set tunnel-xmit" says, "... no eroute". I know, what that means by reading the docs :), but I don't how to set a appropriate eroute... :-(
One problem I see is that the private subnet on each end of the tunnel is using the same address space. How is a machine supposed to know if destination 192.168.2.75 is on the local subnet, or needs to be forwarded thru the tunneling gateway? Re-address one of the local private subnets so that their address spaces don't overlap. Then set routing so that the local subnet is local, and the remote private subnet is gatewayed thru the local end of the tunnel. -- Rick Green "I have the heart of a little child, and the brain of a genius. ... and I keep them in a jar under my bed"