LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   VPN and destination unreachable / new install mandriva. All other address fine. (https://www.linuxquestions.org/questions/linux-networking-3/vpn-and-destination-unreachable-new-install-mandriva-all-other-address-fine-543919/)

MikeOfAustin 04-06-2007 06:51 PM

VPN and destination unreachable / new install mandriva. All other address fine.
 
Hi all. I usually google my problem before I bother others with them, and this is probably on it's 4th day of trying to debug, and I simply can't take it anymore (no hair left). Also, I'm fairly new to this, so I must apoligize ahead of time, if this is a n00b thing (and I hope it is).

A new install of Mandriva (2007.0). Everything works great.

I've installed a ci$co VPN client (and am using the profile supplied by my work). When I start VPN, I get a tunnel, I'm assigned a client address IP of 10.1.15.*, and I can see the server address,

ie;
Code:

Your VPN connection is secure.
VPN tunnel information.
Client address: 10.1.15.6
Server address: 64.128.24.7
Encryption: 168-bit 3-DES
Authentication: HMAC-MD5
IP Compression: None
NAT passthrough is active on port UDP 10000
Local LAN Access is disabled

At this point, I can still surf the internet / access and ping anything _Except_ any other ip address in my group (10.1.15.*).

When I try to ping anyone in that same area 10.1.15.*, I get

" From 10.1.15.6 icmp_seq=1 Destination Host Unreachable "

Now, this is ONLY in that area. I can still go everywhere else on the internet, just not in this group (I know there are multiple systems in this group).

Is this a firewall coniguration this? A NAT configuration thing? To my knowledge, I have not configured/touched ANYTHING on the new install yet (its' all default, so firewall, etc is default).


Here are my goodies;

PHP Code:

[name-hidden@adsl-71-145-143-* /]$ netstat -r
Kernel IP routing table
Destination     Gateway    Genmask      Flags   MSS Window  irtt Iface
vpnaustin
.sigma adsl-71-145-143 255.255.255.255 UGH       0 0          0 eth0
192.168.100.0  10.1.15.6   255.255.255.0 UG        0 0          0 cipsec0
172.16.100.0   10.1.15.6   255.255.255.0 UG        0 0          0 cipsec0
71.145.143.0    
*           255.255.255.0 U         0 0          0 eth0
10.1.0.0       
*           255.255.240.0 U         0 0          0 cipsec0
10.2.0.0       10.1.15.6    255.255.0.0  UG        0 0          0 cipsec0
10.35.0.0      10.1.15.6    255.255.0.0  UG        0 0          0 cipsec0
10.3.0.0       10.1.15.6    255.255.0.0  UG        0 0          0 cipsec0
10.1.0.0       10.1.15.6    255.255.0.0  UG        0 0          0 cipsec0
10.6.0.0       10.1.15.6    255.255.0.0  UG        0 0          0 cipsec0
10.7.0.0       10.1.15.6    255.255.0.0  UG        0 0          0 cipsec0
10.4.0.0       10.1.15.6    255.255.0.0  UG        0 0          0 cipsec0
10.20.0.0      10.1.15.6    255.255.0.0  UG        0 0          0 cipsec0
10.5.0.0       10.1.15.6    255.255.0.0  UG        0 0          0 cipsec0
10.254.0.0     10.1.15.6    255.255.0.0  UG        0 0          0 cipsec0
10.9.0.0       10.1.15.6    255.255.0.0  UG        0 0          0 cipsec0
default         adsl-71-145-143 0.0.0.0   UG        0 0          0 eth0 

ifconfig;

PHP Code:

cipsec0   Link encap:Ethernet  HWaddr 00:0B:FC:F8:01:8F  
          inet addr
:10.1.15.6  Mask:255.255.240.0
          inet6 addr
fe80::20b:fcff:fef8:18f/64 Scope:Link
          UP RUNNING NOARP  MTU
:1356  Metric:1
          RX packets
:144 errors:0 dropped:0 overruns:0 frame:0
          TX packets
:0 errors:0 dropped:742 overruns:0 carrier:0
          collisions
:0 txqueuelen:1000 
          RX bytes
:16744 (16.3 KiB)  TX bytes:(0.0 b)


eth0      Link encap:Ethernet  HWaddr 00:0D:61:06:6C:76  
          inet addr
:71.145.143.*  Bcast:71.145.143.255  Mask:255.255.255.0
          inet6 addr
fe80::20d:61ff:fe06:6c76/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU
:1500  Metric:1
          RX packets
:33776 errors:0 dropped:0 overruns:0 frame:0
          TX packets
:38043 errors:0 dropped:0 overruns:0 carrier:0
          collisions
:0 txqueuelen:1000 
          RX bytes
:13572390 (12.9 MiB)  TX bytes:3280497 (3.1 MiB)
          
Interrupt:17 Base address:0xc000 
 

lo        Link encap
:Local Loopback  
          inet addr
:127.0.0.1  Mask:255.0.0.0
          inet6 addr
: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU
:16436  Metric:1
          RX packets
:49758 errors:0 dropped:0 overruns:0 frame:0
          TX packets
:49758 errors:0 dropped:0 overruns:0 carrier:0
          collisions
:0 txqueuelen:
          RX bytes
:4423952 (4.2 MiB)  TX bytes:4423952 (4.2 MiB

(FWIW, you can see that cipsec0 has dropped all TX packets and sent none.)

A look into my resolv.conf yeilds; (why the redundant nameserver?)

PHP Code:

domain sigmatel.com
nameserver 192.168.0.1
nameserver 192.168.0.1
search sigmatel
.com dsl.austtx.sbcglobal.net 


thecarpy 04-06-2007 07:28 PM

You need to add a route to that network.
try to add a route:

route add 10.0.0.0/8 gw 10.1.15.6

add a nameserver from that network as well into your resolv.conf.

what does route print shoz you? please report back with route print output if the above does not help ... btw ... not sure if the syntax is ok ... iut's out of the top of my head ;-).


All times are GMT -5. The time now is 09:46 PM.