
I am struggling with a scenario. Suppose we have two systems in the same subnet, A (192.168.1.5) and B (192.168.1.6), where B is further connected to C (172.22.1.5) through Openswan. B can ping C but A can't ping C.

I want to add a route in A so that it routes all traffic destined for 172.22.1.5 to B.

I used route add -net 172.22.1.0 netmask 255.255.255.0 gw 192.168.1.6 dev eth0, but it is not working. I checked with tcpdump and the packets are not going to B.

Any ideas how this can be done?

xs2rashid
    Please show the complete routing table on host A. Also, show the IP addresses of both ends of Openswan tunnel and their routing tables. – Tero Kilkanen Apr 15 '17 at 03:29
  • 172.22.1.0/24 is in AWS and Openswan is connected to the AWS VPC VPN. AWS-side security groups are open and there is no iptables on the AWS side. The route table of A is as below:
    10.0.0.0/21 dev eth1 proto kernel scope link src 10.0.3.105
    172.22.1.0/24 via 192.168.1.6 dev eth1
    64.22.106.0/24 dev eth0 proto kernel scope link src 64.22.106.56
    – xs2rashid Apr 20 '17 at 08:50

1 Answer


In order to accomplish your goal, both ends must have respective routes to the other end.

So, in your case:

On Host A: route add -net 172.22.1.0/24 gw 192.168.1.6 dev eth0

On Host C: route add -host 192.168.1.5 gw 172.22.1.N dev X

Here N is the address of Host B in the VPN subnet, and X is the device used for the VPN subnet in Host C.

Tero Kilkanen
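A gateway route only delivers frames if the next hop sits inside a subnet the host is directly attached to; otherwise the host has no link on which to ARP for it. The script below is an added example, not part of the question or answer: it takes a routing table (the one from the asker's comment, constructed inline) and reports, for every "via" route, whether its gateway lies in a connected "scope link" prefix. Run it on the real output of "ip route" by replacing the ROUTES variable.

```shell
#!/bin/sh
# Constructed input: host A's routing table as posted in the comment above.
ROUTES='10.0.0.0/21 dev eth1 proto kernel scope link src 10.0.3.105
172.22.1.0/24 via 192.168.1.6 dev eth1
64.22.106.0/24 dev eth0 proto kernel scope link src 64.22.106.56'

# Convert a dotted-quad IPv4 address to a 32-bit integer.
ip2int() {
    set -- $(printf '%s' "$1" | tr . ' ')
    echo $(( $1 * 16777216 + $2 * 65536 + $3 * 256 + $4 ))
}

# Succeed if address $1 falls inside prefix $2 (written a.b.c.d/len).
in_prefix() {
    net=${2%/*}; len=${2#*/}
    mask=$(( (0xffffffff << (32 - len)) & 0xffffffff ))
    [ $(( $(ip2int "$1") & mask )) -eq $(( $(ip2int "$net") & mask )) ]
}

# Print each directly connected prefix (proto kernel scope link) that
# contains gateway $1; prints nothing if the gateway is not on-link.
gateway_onlink() {
    gw=$1
    printf '%s\n' "$ROUTES" | while read -r dst rest; do
        case "$rest" in
            *"scope link"*) in_prefix "$gw" "$dst" && echo "$dst" ;;
        esac
    done
}

# Walk every static "via" route and report whether its next hop is reachable
# on a connected subnet; a NOT line explains why packets never reach B.
check_static_routes() {
    printf '%s\n' "$ROUTES" | while read -r dst via gw rest; do
        [ "$via" = via ] || continue
        link=$(gateway_onlink "$gw")
        if [ -n "$link" ]; then
            echo "$dst via $gw: gateway is on-link ($link)"
        else
            echo "$dst via $gw: gateway is NOT on any connected subnet"
        fi
    done
}

check_static_routes
```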