Tom Eastep wrote:
Keith Mitchell wrote:
Sorry about that. My brain was a little fried last night.
Here's the networkb uncorrupted.
Yes, the vpn is an ipsec vpn. It works fine thanks to your excellent
documentation and openswan.
If I do a "ping -I eth1 10.254.0.x" (any address) from the network
Keith -- I'm sorry but I have neither the time nor the energy to solve
puzzles; technical problems are hard enough without having to decode
nebulous terms like "the network". Please give me the IP address of the
host you were pinging from
-Tom
------------------------------------------------------------------------
------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
------------------------------------------------------------------------
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
Sorry. That should read "Office A Firewall Host" and "Office B Firewall
Host"
If I do a "ping -I eth1 10.254.0.x" (any address on that subnet) from
the Office A Firewall Host (source IP 10.253.0.1), I get no return and
nothing in the syslogs. A ping -I eth1 10.253.0.254 gets a return.
Likewise, a "ping -I eth3 192.168.1.x" (any address any address on that
subnet) from the Office B Firewall Host (source IP 10.253.0.254) gives
no return and nothing in syslogs. A ping -I eth3 10.253.0.1 gets a return.
If I run a tracert from inside the Office A Network (192.168.1.x) to one
of the IP's I'm trying to direct through the 10.253.0.0 tlan (10.254.0.4
or 10.254.0.5), the return clearly shows the traffic transversed via the
vpn and not the tlan.
(Source IP in the example below was 192.168.1.169)
C:\>tracert asterisk
Tracing route to asterisk.paisd.com [10.254.0.4]
over a maximum of 30 hops:
1 <1 ms <1 ms <1 ms linus-int.paisd.com [192.168.1.1]
2 3 ms 2 ms 2 ms firewall.paisd.com [10.254.0.1]
3 3 ms 2 ms 2 ms asterisk.paisd.com [10.254.0.4]
Trace complete.
--
Keith Mitchell
CTO
Productivity Associates, Inc.
5625 Ruffin Rd STE 220
San Diego, CA 92123
858-495-3528 (Direct)
858-495-3540 (Fax)
------------------------------------------------------------------------------
Come build with us! The BlackBerry(R) Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9 - 12, 2009. Register now!
http://p.sf.net/sfu/devconference
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
