I'm trying to connect a branch office to my main office.
I have data and voice that need to flow between the branch office and the main one.
I have a VPN setup for the data, and a dedicated fiber trunk between the two offices.
I thought I'd try to use the Multi-ISP setup to help segment the traffic, but I have run into a stupid.
eth1 - 10.253.0.1 eth3 - 10.253.0.254 eth0 /-----------------------\ eth0 192.168.1.1/24 --- Office A - - Office B --- 10.254.0.1/24
\---------vpn-----------/
eth2 eth2
Shorewall is working in both offices, as well as the VPN. I can ping
across the VPN between the offices as well.
I can also ping bi-laterally between eth1 in Office A and eth3 in Office B.I cannot, however, ping the private subnets in either office through the fiber tunnel, although (I think) I have the masq files setup correctly on both sides. I don't see errors in the syslog when I try this ping, which leads me to a routing or masq error, but I've tried several different stabs at the masq and tc* files, as well as static routes in an attempt to overcome the error.
I know I'm doing it wrong. I probably also know after getting this far into it that this may not be the best way to flow this traffic.
I've attached shorewall dumps from both sides of the tunnel(s). If someone could point me in the right direction, I'd greatly appreciate it, as I have no local binar speakers I can bounce this off of.
Keith Mitchell CTO Productivity Associates, Inc. 5625 Ruffin Rd STE 220 San Diego, CA 92123 858-495-3528 (Direct) 858-495-3540 (Fax)
networka.bz2
Description: Binary data
------------------------------------------------------------------------------ Come build with us! The BlackBerry(R) Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9 - 12, 2009. Register now! http://p.sf.net/sfu/devconference
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
