Routing table problem - can't route over ppp link
I have successfully established a ppp link between two offices, from one Linux firewall to another. In this scenario FW1 initiates the connection to FW2, and the addressing is as follows:
(Workstation) 172.31.254.xxx <---> 172.31.254.1 (FW1) 172.31.241.1 <------------------ppp------------------> 172.31.240.1 (FW2) 172.31.244.1 <---> 172.31.244.xxx (Workstation)
After the ppp link is established, my routes on FW1 are as follows:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
172.31.240.1    *               255.255.255.255 UH    0      0        0 ppp0
174.110.57.0    *               255.255.255.128 U     0      0        0 eth3
172.31.254.0    *               255.255.255.0   U     0      0        0 eth2
169.254.0.0     *               255.255.0.0     U     0      0        0 eth3
default         174.110.57.1    0.0.0.0         UG    0      0        0 eth3
Now, a client (172.31.254.50) on the left network tries to ping the remote firewall at 172.31.240.1 but it never reaches the destination. Similarly, this client can't ping any workstation on the right (172.31.244.50). So I added the route:
route add -net 172.31.241.0 netmask 255.255.255.0 dev ppp0
But it is still not working... So, my questions are:
1. What routes do I have to add on FW1 to enable the left network to ping/access the remote firewall (FW2) and remote workstations (172.31.244.x)?
2. What routes do I have to add to FW2 to enable the reverse?
3. What is the best place to add these routes so they are added & deleted as the tunnel goes up and down (e.g., in the event of a link failure)?
Thanks,
Michelle