[Swan] Traffic not being routed into the tunnel
Igor Jovanovic
skipper.net at gmail.com
Thu Sep 18 18:43:17 EEST 2014
Hello,
We have a host-to-subnet PSK setup with the tunnel up and running, with the main
issue being that the traffic is not being routed into the tunnel.
Our LAN (eth3): 192.168.100.0/24
Our encryption domain: 192.18.0.0/24
Our public IP (eth1): x.x.194.130/30
Public nexthop(eth1): x.x.194.129/30
Our ED IP (eth1:1): 192.18.0.1/24
Other end IP: y.y.34.140
Other end subnet: 6.0.0.0/8
VPN Setup:

config setup
    klipsdebug=all
    plutodebug=all
    protostack=netkey
    nat_traversal=no
    virtual_private=
    oe=off

conn vic-bsc-1
    forceencaps=yes
    dpddelay=30
    dpdtimeout=120
    dpdaction=restart_by_peer
    ike=aes256-sha1;modp1024!
    phase2alg=aes256-sha1
    ikelifetime=86400s
    authby=secret
    type=tunnel
    salifetime=3600s
    pfs=no
    aggrmode=yes
    left=x.x.194.130
    leftnexthop=x.x.194.129
    leftsubnet=198.18.0.0/24
    right=y.y.34.140
    rightnexthop=x.x.194.129
    auto=start
    rightsubnet=6.0.0.0/8

NAT Rule:
iptables -t nat -I POSTROUTING 1 -s 0/0 -d 6.0.0.0/8 -o eth1 -j SNAT --to-source 192.18.0.1
Route:
ip route add 6.0.0.0/8 src 192.18.0.1 via x.x.194.129 dev eth1
Please advise, we are missing something big here!
Thanks,
Igor
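
With protostack=netkey the kernel only sends packets into the tunnel when their source and destination match the connection's leftsubnet/rightsubnet selectors. The following check is an added example, not part of the original post or of libreswan; it compares the leftsubnet, rightsubnet and SNAT rule quoted above, and the function names are hypothetical.

```python
import ipaddress
import re

# Values copied from the post above (conn section selectors and the SNAT rule).
IPSEC_CONF = """\
conn vic-bsc-1
    leftsubnet=198.18.0.0/24
    rightsubnet=6.0.0.0/8
"""
SNAT_RULE = ("iptables -t nat -I POSTROUTING 1 -s 0/0 -d 6.0.0.0/8 "
             "-o eth1 -j SNAT --to-source 192.18.0.1")

def parse_conn(text, name):
    """Return the key=value options of one conn section as a dict."""
    opts, active = {}, False
    for line in text.splitlines():
        stripped = line.strip()
        if not stripped or stripped.startswith("#"):
            continue
        if not line[0].isspace():      # unindented line starts a new section
            active = stripped.split() == ["conn", name]
        elif active and "=" in stripped:
            key, value = stripped.split("=", 1)
            opts[key.strip()] = value.strip()
    return opts

def parse_snat(rule):
    """Extract the -d network and --to-source address from an iptables SNAT rule."""
    dest = re.search(r"(?:^|\s)-d\s+(\S+)", rule)
    src = re.search(r"--to-source\s+([0-9.]+)", rule)
    if not dest or not src:
        raise ValueError("rule has no -d or --to-source")
    return (ipaddress.ip_network(dest.group(1), strict=False),
            ipaddress.ip_address(src.group(1)))

def check_selectors(conn, rule):
    """List mismatches between the tunnel's traffic selectors and the SNAT rule."""
    left = ipaddress.ip_network(conn["leftsubnet"], strict=False)
    right = ipaddress.ip_network(conn["rightsubnet"], strict=False)
    dest, snat_src = parse_snat(rule)
    problems = []
    if snat_src not in left:
        problems.append(f"SNAT source {snat_src} is outside leftsubnet {left}")
    if not dest.subnet_of(right):
        problems.append(f"SNAT destination {dest} is outside rightsubnet {right}")
    return problems

if __name__ == "__main__":
    for p in check_selectors(parse_conn(IPSEC_CONF, "vic-bsc-1"), SNAT_RULE):
        print("MISMATCH:", p)
```

An empty result means traffic rewritten by the SNAT rule carries addresses that the tunnel's selectors cover.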