[Swan] VPN -> GW -> IPSEC -> GW -> HOST

Phil Daws uxbod at splatnix.net
Sun Jan 18 18:53:09 EET 2015

Hello all:

am trying to get my head around routing across an IPSEC tunnel but it's sending me crazy!  Here is the layout:


From GW1 I can now reach all interfaces on GW2 and vice versa; yippee!

Now, if I introduce the VPN which is connected to GW1 with a network of, and when connected my client receives, I am able to reach all nodes on the network but nothing at all on the network ?!?!  Have checked the routing information and that seems correct; I think: dev eth0  scope link  src dev tun0  proto kernel  scope link  src

I see it hit the external interface but then does not reach the other side :(

16:52:33.553238 IP 37.XXX.XXX.XXX > ICMP echo request, id 1, seq 262, length 40

Any help would be appreciated please.

Thanks, Phil

