Hi there..
We're testing a net to net ipsec setup through a sip-spoofed speedtouch modem. It means that the internet ip address is set up on the external asl interface. The address is submitted with 255.255.255.255 as subnet mask. A private address is set up on the modem together with a sip-spoof ip (can be any address). The modem address is linked on eth1 (external) and a rule any -> default route modem ip is set up (static).
This setup works great, except for the ipsec part.
It seems that a routing table on the modem does:
ext_ip/32 any modem_ip
default ext_ip/32 sip-spoof_ip
Now when we activate the ipsec tunnel, it ends with a routing error (7).
When I do a traceroute, it seems that the nexthop is the sip-spoof address, instead of the modem ip which is the default gateway, also the nexthop in ipsec.conf.
How to fix??