Vicente Ferrando, 2003-Mar-24 16:12 +0100: > Good afternoon, > > I'm using Cisco VPN client to connect a Debian box to a Cisco VPN 3005. > I've got the client configured and working for this computer. But I want > this linux box act like a router, making the tunnel available to the > rest of the LAN connected to this box. > > This is what I've working right now: > > Linux box ---> Internet --->Cisco 3005 --->Lan2 > > And what I want to: > > Lan1--->Linux box ---> Internet --->Cisco 3005 --->Lan2 > > I want Lan1 to access Lan 2 using the tunnel stablished between Linux > box and 3005. > > I've set Ip_forwarding to 1 on the Linux but the problen is that I'm > not able to add any route through the cipsec0 device created by the > Cisco VPN client. And the traffic received on the eth0 is forwarded to > the default gateway bypassing the tunnel. > > May be it is not necessary to and any route to Lan2 as the VPN client > creates a route LAN2. But I'm not sure is forwarding process is aware of > routes not shown by "ip route show". > > Any help on how to get this working would be appreciated. Or if anyone > knows if this is not posible with the Cisco client. > > Kind regards.
You should check the feature set for that client because it may not allow forwarding to the IPSec tunnnel interface from anywhere other than the local machine. I know other clients do not allow this, not because they can't, but because the company providing the client wants you to buy something else, more expensive, to provide such a service. Cisco is very good at this too. jc -- Jeff Coppock Systems Engineer Diggin' Debian Admin and User -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]