
I have 3 machines. Two of them, routers, are connected over a VPN. The 3rd is a PC on the LAN behind one of the routers.

                 internet
                    |
                    |
ROUTER S1   external: YYY.56.52.56 (eth0)
            vpn:      10.0.0.1 (tun0)
                    |
                    |
ROUTER S2   vpn:      10.0.0.2 (tun0)
            external: XXX.19.10.126 (eth0) ------------------- internet
            internal: 192.168.3.10, 10.19.26.10 (eth1)
                    |
                    |
LAN PC1     external: 192.168.3.16, 10.19.26.7 (eth0)

I want to move selected traffic from the LAN, over the VPN, out to the 'NET.

My routing policy on ROUTER S2 directs iptables-marked traffic from 10.19.26.0/24 so that it traverses the VPN.

From the router, ROUTER S2

ping -I 10.19.26.10 72.14.191.202

works - the ping request is correctly routed over the VPN, to the target, and the ping reply is received.

But from the LAN behind it, LAN PC1

ping -I 10.19.26.7 72.14.191.202

doesn't. No response.

What specific route, on what machine, am I missing?

  • Is Router S1 the internet Router for the YYY.56.52.56 network? – hookenz Aug 11 '14 at 03:34
  • Maybe you need proxy ARP on Router S1 – hookenz Aug 11 '14 at 03:35
  • Looking at it from LANPC1, it will send unknown traffic out via its gateway ip. What is it set to? – Glen Aug 11 '14 at 04:24
  • LANPC1 does not know about routers, so it doesn't matter how the router is set up. All it needs to know is to send this packet of an unknown network to a gateway IP address. Do you have a gateway address on LANPC1? – Glen Aug 11 '14 at 05:54
