LinuxQuestions.org
Old 03-13-2008, 09:36 PM   #1
xxx_anuj_xxx
sharing VPN access with lan + after vpn connected unable to ping lan/public ip


Hi,
I have a network in the 192.168.10.0/24 range.
The gateway is 192.168.10.150.
There is a Linux machine with IP 192.168.10.201 running a Nortel VPN client. I want to use this Linux machine (RHEL4) as a gateway server to the VPN for my LAN. I can change the local machines' gateway to use the Linux box as their new gateway.

The target is to share VPN access from one Linux box with other machines on the local network. How can I achieve this? I am trying to achieve it using the Shorewall firewall.

I am also facing a problem: after connecting to the VPN, I cannot ping any local machine or public IP.


My routing table is as follows:

Routing table when the VPN client is off:
[root@node2 shorewall]# ip route show
10.1.10.0/24 dev eth1 proto kernel scope link src 10.1.10.2
192.168.10.0/24 dev eth0 scope link
169.254.0.0/16 dev eth1 scope link
default via 192.168.10.150 dev eth0

route -n
[root@node2 shorewall]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.1.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
0.0.0.0 192.168.10.150 0.0.0.0 UG 0 0 0 eth0

I can ping public IPs like google.com.



Routing table after the VPN is connected:
[root@node2 shorewall]# ip route show
192.168.10.150 via 192.168.10.201 dev eth0 scope link
192.168.62.27 via 127.0.0.1 dev lo scope link
192.168.60.11 via 192.168.62.27 dev nlv0 scope link
202.33.162.196 via 192.168.10.150 dev eth0
10.1.10.0/24 dev eth1 proto kernel scope link src 10.1.10.2
192.168.10.0/24 via 192.168.62.27 dev nlv0 scope link
192.168.10.0/24 dev eth0 scope link metric 1
138.213.0.0/16 via 192.168.62.27 dev nlv0 scope link
169.254.0.0/16 dev eth1 scope link
192.168.0.0/16 via 192.168.62.27 dev nlv0 scope link
172.16.0.0/12 via 192.168.62.27 dev nlv0 scope link
I cannot ping anything except PCs in the VPN.



route -n
When the VPN is connected:
[root@node2 shorewall]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.62.19 127.0.0.1 255.255.255.255 UGH 0 0 0 lo
192.168.10.150 192.168.10.201 255.255.255.255 UGH 0 0 0 eth0
192.168.60.11 192.168.62.19 255.255.255.255 UGH 0 0 0 nlv0
202.33.162.196 192.168.10.150 255.255.255.255 UGH 0 0 0 eth0
10.1.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.10.0 192.168.62.19 255.255.255.0 UG 0 0 0 nlv0
192.168.10.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0
138.213.0.0 192.168.62.19 255.255.0.0 UG 0 0 0 nlv0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
192.168.0.0 192.168.62.19 255.255.0.0 UG 0 0 0 nlv0
172.16.0.0 192.168.62.19 255.240.0.0 UG 0 0 0 nlv0
0.0.0.0 192.168.10.150 0.0.0.0 UG 0 0 0 eth0




Thanks and Regards
Anuj
 
Old 03-14-2008, 03:50 AM   #2
karpi
Hello,

You can add a route on every box with

"route add -net <vpn-net> netmask <netmask> gw <gateway>"

You also have to enable routing on the VPN box.

From what I see, when connecting to the VPN the default gateway is deleted.
Maybe this is for security reasons.
If you want to keep your default gateway you have to reconfigure the DHCP part
of the VPN setup.

HTH
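
An added example, not part of either post: a simplified route lookup (longest prefix first, then lowest metric) run over the `route -n` rows posted in #1 with the VPN connected, to show which entry each destination resolves to. The destinations 192.168.10.5 and 8.8.8.8 are sample addresses chosen for this example, and the model ignores policy-routing rules and any packet filtering done by the VPN client.

```python
import ipaddress
from collections import namedtuple

Route = namedtuple("Route", "net gateway metric iface")

# Data rows of the `route -n` output posted in #1 with the VPN connected.
ROUTE_N = """\
192.168.62.19 127.0.0.1 255.255.255.255 UGH 0 0 0 lo
192.168.10.150 192.168.10.201 255.255.255.255 UGH 0 0 0 eth0
192.168.60.11 192.168.62.19 255.255.255.255 UGH 0 0 0 nlv0
202.33.162.196 192.168.10.150 255.255.255.255 UGH 0 0 0 eth0
10.1.10.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
192.168.10.0 192.168.62.19 255.255.255.0 UG 0 0 0 nlv0
192.168.10.0 0.0.0.0 255.255.255.0 U 1 0 0 eth0
138.213.0.0 192.168.62.19 255.255.0.0 UG 0 0 0 nlv0
169.254.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1
192.168.0.0 192.168.62.19 255.255.0.0 UG 0 0 0 nlv0
172.16.0.0 192.168.62.19 255.240.0.0 UG 0 0 0 nlv0
0.0.0.0 192.168.10.150 0.0.0.0 UG 0 0 0 eth0
"""

def parse_routes(text):
    """Turn `route -n` data rows into Route tuples."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 8:
            continue  # not a data row
        dest, gw, mask, _flags, metric, _ref, _use, iface = fields
        net = ipaddress.ip_network(f"{dest}/{mask}")
        routes.append(Route(net, gw, int(metric), iface))
    return routes

def lookup(routes, dst):
    """Simplified kernel lookup: longest prefix first, then lowest metric."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r.net]
    return min(matches, key=lambda r: (-r.net.prefixlen, r.metric), default=None)

def shadowed(routes):
    """Routes that lose to a same-network sibling with a lower metric."""
    best = {}
    for r in routes:
        best[r.net] = min(best.get(r.net, r.metric), r.metric)
    return [r for r in routes if r.metric > best[r.net]]

if __name__ == "__main__":
    table = parse_routes(ROUTE_N)
    for dst in ("192.168.10.5", "192.168.10.150", "8.8.8.8"):
        r = lookup(table, dst)
        print(f"{dst:15} -> {r.net} via {r.gateway} dev {r.iface} metric {r.metric}")
    for r in shadowed(table):
        print(f"shadowed: {r.net} dev {r.iface} metric {r.metric}")
```

In this model the LAN host resolves to the nlv0 entry for 192.168.10.0/24, because the directly connected eth0 entry for the same network carries metric 1. On the box itself, `ip route get <address>` reports the kernel's actual choice.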
 
  

