sharing VPN access with lan + after vpn connected unable to ping lan/public ip
Hi,

I have a network in the 192.168.10.0/24 range. The gateway is 192.168.10.150. There is a Linux machine with IP 192.168.10.201 with a Nortel VPN client. I want to use this Linux machine (RHEL4) as a gateway server to the VPN for my LAN. I can change the local machines' gateway to use the Linux box as their new gateway.

The target is to share VPN access from one Linux box with other machines on the local network. How to achieve it? I am trying to achieve it using the Shorewall firewall.

I am also facing a problem, which is that after connecting to the VPN I cannot ping any local machine or public IP. :scratch:

My routing table is as follows.

Routing table when the VPN client is off:

[root@node2 shorewall]# ip route show
10.1.10.0/24 dev eth1 proto kernel scope link src 10.1.10.2
192.168.10.0/24 dev eth0 scope link
169.254.0.0/16 dev eth1 scope link
default via 192.168.10.150 dev eth0

route -n

[root@node2 shorewall]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.1.10.0       0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.10.0    0.0.0.0         255.255.255.0   U     0      0        0 eth0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth1
0.0.0.0         192.168.10.150  0.0.0.0         UG    0      0        0 eth0

I can ping public IPs like google.com.

Routing table after the VPN is connected:

[root@node2 shorewall]# ip route show
192.168.10.150 via 192.168.10.201 dev eth0 scope link
192.168.62.27 via 127.0.0.1 dev lo scope link
192.168.60.11 via 192.168.62.27 dev nlv0 scope link
202.33.162.196 via 192.168.10.150 dev eth0
10.1.10.0/24 dev eth1 proto kernel scope link src 10.1.10.2
192.168.10.0/24 via 192.168.62.27 dev nlv0 scope link
192.168.10.0/24 dev eth0 scope link metric 1
138.213.0.0/16 via 192.168.62.27 dev nlv0 scope link
169.254.0.0/16 dev eth1 scope link
192.168.0.0/16 via 192.168.62.27 dev nlv0 scope link
172.16.0.0/12 via 192.168.62.27 dev nlv0 scope link

I cannot ping anything except PCs in the VPN.

route -n when the VPN is connected:

[root@node2 shorewall]# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.62.19   127.0.0.1       255.255.255.255 UGH   0      0        0 lo
192.168.10.150  192.168.10.201  255.255.255.255 UGH   0      0        0 eth0
192.168.60.11   192.168.62.19   255.255.255.255 UGH   0      0        0 nlv0
202.33.162.196  192.168.10.150  255.255.255.255 UGH   0      0        0 eth0
10.1.10.0       0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.10.0    192.168.62.19   255.255.255.0   UG    0      0        0 nlv0
192.168.10.0    0.0.0.0         255.255.255.0   U     1      0        0 eth0
138.213.0.0     192.168.62.19   255.255.0.0     UG    0      0        0 nlv0
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth1
192.168.0.0     192.168.62.19   255.255.0.0     UG    0      0        0 nlv0
172.16.0.0      192.168.62.19   255.240.0.0     UG    0      0        0 nlv0
0.0.0.0         192.168.10.150  0.0.0.0         UG    0      0        0 eth0

Thanks and Regards
Anuj
Hello,

You can add a route on every box with "route add vpn-net netmask gateway". You also have to enable routing on the VPN box. From what I see, when connecting to the VPN the default gateway is deleted. Maybe this is for security reasons. If you want to keep your default gateway you have to reconfigure the DHCP part of the VPN setup.

HTH