Re: cross routing

From: David Efflandt (efflandt_at_xnet.com)
Date: 06/11/04


Date: Fri, 11 Jun 2004 00:33:17 +0000 (UTC)

On 10 Jun 2004, Pascal Bourguignon <spam@thalassa.informatimago.com> wrote:
>
> Here is my problem:
>
>                   2.2.2.1 +--------------+
> Internet------------------| Remote Linux |
>                |          +--------------+
>                |               |
>                |               |
>                |       VPN via Internet
>                |               |
>                |               | 2.2.2.129
>         +-------------+ +-------------+
>         | ADSL Router | | Local Linux |
>         +-------------+ +-------------+
>                | 1.1.1.1       | 1.1.1.2
> ---------------+---------------+-----------+--------
>                                            | 2.2.2.130
>                                       +----------+
>                                       | Local WS |
>                                       +----------+
>
>
> I've got a local LAN with a few public IPs (1.1.1.*),
> and a remote LAN with other public IPs (2.2.2.128/25).
>
> On the local LAN, I've got some workstations on a subnet of the remote
> LAN (a range 2.2.2.128/25), this subnet is bridged thru a VPN between
> the "Local Linux" box and the "Remote Linux" box.
>
> The problem is how to set up the "Local Linux" box so as to route
> packages coming from the local 2.2.2.128/25 range to "Remote Linux"
> via the VPN, while at the same time keeping the default route for this
> "Local Linux" thru the 1.1.1.1 ADSL Router (the local Internet
> connection)?
>
> The local (1.1.1.*) traffic should be routed locally, while the remote
> range (2.2.2.128/25) should be routed thru the VPN.

Just curious if proxy arp would work for a vpn? In other words if route
for ipsec0 covered 2.2.2.128/25 and assuming eth0 is 2.2.2.1, would eth0
answer for ipsec0 IPs, assuming that iptables allowed it and:

echo "1" > /proc/sys/net/ipv4/conf/eth0/proxy_arp
 
I enable proxy_arp on /24 eth0 LAN interface, so main LAN does not need a
gateway to find /29 wireless subnet on eth1 (eth0 answers arp for eth1
IPs). But I have not tried proxy_arp for a vpn.

-- 
David Efflandt - All spam ignored  http://www.de-srv.com/
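
An added example, not part of the original post: with proxy_arp on, an interface answers ARP for addresses the box routes elsewhere, so it helps to see exactly which interfaces are doing so. The kernel enables proxy ARP on an interface when either conf/all/proxy_arp or the interface's own proxy_arp is non-zero; the function names, the optional root argument and the eth0/eth1 sample tree are assumptions constructed for this sketch.

```shell
#!/bin/sh
# Report the effective proxy_arp state of every interface.
# $1 (hypothetical override): directory to read instead of the live
# /proc/sys/net/ipv4/conf, so the check can run on a constructed tree.
proxy_arp_report() {
    root="${1:-/proc/sys/net/ipv4/conf}"
    all=0
    [ -r "$root/all/proxy_arp" ] && all=$(cat "$root/all/proxy_arp")
    for dir in "$root"/*/; do
        iface=$(basename "$dir")
        # "all" and "default" are templates, not real interfaces.
        case "$iface" in all|default) continue ;; esac
        [ -r "$dir/proxy_arp" ] || continue
        own=$(cat "$dir/proxy_arp")
        # Effective state is the OR of the per-interface and "all" values.
        if [ "$own" != "0" ] || [ "$all" != "0" ]; then
            echo "$iface enabled (iface=$own all=$all)"
        else
            echo "$iface disabled"
        fi
    done
}

# Constructed sample tree: eth0 has proxy_arp set (as in the echo
# command quoted above), eth1 does not, and "all" is off.
demo_tree() {
    t=$(mktemp -d)
    for i in all eth0 eth1; do mkdir -p "$t/$i"; done
    echo 0 > "$t/all/proxy_arp"
    echo 1 > "$t/eth0/proxy_arp"
    echo 0 > "$t/eth1/proxy_arp"
    echo "$t"
}

# Run against the constructed tree; call proxy_arp_report with no
# argument to inspect the live system instead.
proxy_arp_report "$(demo_tree)"
```

Setting conf/all/proxy_arp to 1 turns every interface in the report to enabled, which is the case a per-interface check alone would miss.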

