This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

problem with VPN IPSec

I'm sorry for my english...

I have a problem ( i'm looking in the forum and i discover some other people have similar problem)

With the Quick Installation Guide i succesfully completed a VPN Ipsec host-to-net x.509 with my Astaro...
I have only configured two interface with Masquerading.
I can't comunicate with LAN but if i look in the arp cache, i found the MAC ADDRESS of the PC i try to connect to.
So i think there is a problem about packet filter but if i turn off any filter about the Virtual IP i can't to connect to my lan elsewhere (?)
My Client VPN is SSH Sentinel.
Someone (if somecan understand me) can help me?

This thread was automatically locked due to age.

Parents

0 cyclops over 21 years ago

Just two questions:

1) Do you use virtual IP addresses which are also used in your LAN? That doesn't work for IPSec since the firewall doesn't proxyARP for those addresses

2) Did you apply a host or a netmask to the client's virtual IP? Must be a netmask like 255.255.255.0 not 255.255.255.255!

Greetings
cyclops
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 cyclops over 21 years ago

Just two questions:

1) Do you use virtual IP addresses which are also used in your LAN? That doesn't work for IPSec since the firewall doesn't proxyARP for those addresses

2) Did you apply a host or a netmask to the client's virtual IP? Must be a netmask like 255.255.255.0 not 255.255.255.255!

Greetings
cyclops
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 synchopate over 21 years ago in reply to cyclops

sorry but i don't think it is so easy...

1) i used an ip that's not in use in my LAN

2) my subnet is accorded to the subnet of my LAN (24 bits)

if this is interessant i have configured some port redirection (destination NAT)
Cancel
Vote Up 0 Vote Down

Cancel