
Re: FC9 Linux gateways, VPN working, IP forwarding isn't

On Fri, Jan 23, 2009 at 7:55 PM, Gary Stainburn <gary stainburn ringways co uk> wrote:
Hi folks.

I've given up on openswan because it won't work through my ADSL router.

I've now got a very simple ppp-over-ssh VPN working using the following script

/usr/sbin/pppd updetach noauth passive \
 pty "ssh $HOST -P -o Batchmode=yes /usr/sbin/pppd nodetach notty noauth" \

I'm using and .2 for the VPN

My local LAN is and the remote is

The VPN works, and from each end I can ssh to the remote end using either its
192. or 10. IP address.

On each gateway, and on the test hosts on each LAN I have set up the
appropriate routes. On each gateway I have enabled IP forwarding by running

sysctl -w net.ipv4.ip_forward=1

and made it permanent by editing /etc/sysctl.conf. I even rebooted to make

However, I cannot get anything to work except gateway to gateway. Anything
behind the gateways cannot get past their local gateway.

Anyone know what I've missed?

I guess it's normal for it not to pass, because the next gateways don't "know" what the 10.x/192.x IPs are.
I think you either have to export those IPs to the next gateways or enable NAT
for each VPN, something like iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE (fastest
way), where eth0 is your interface for the internet.

Gary Stainburn

This email does not contain private or confidential material as it
may be snooped on by interested government parties for unknown
and undisclosed purposes - Regulation of Investigatory Powers Act, 2000
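
A gateway-side check for the symptom in this thread, as an added example that is not part of the original messages: it reads iptables-save output and reports whether the FORWARD chain would stop routed traffic before it reaches the tunnel, and whether a MASQUERADE rule like the one suggested above is unscoped (no -s source match). The tunnel interface name ppp0 and the sample ruleset are assumptions constructed for the example; eth0 is taken from the reply.

```shell
#!/bin/sh
# Added example, not from the thread. Reads `iptables-save` output on stdin and
# reports why hosts behind the gateway may not get across the VPN.
# Assumptions: ppp0 is the pppd tunnel interface; the sample ruleset is constructed.

SAMPLE_RULES='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT'

# audit_forwarding IP_FORWARD_VALUE VPN_IFACE  < iptables-save dump
audit_forwarding() {
    awk -v fwd="$1" -v vpn="$2" '
        /^\*/ { table = substr($0, 2); next }
        table == "filter" && $1 == ":FORWARD" { policy = $2 }
        table == "filter" && /^-A FORWARD / {
            # An ACCEPT rule naming the tunnel interface lets routed traffic through.
            if ($0 ~ (" -[io] " vpn " ") && $0 ~ /-j ACCEPT/) {
                allowed = 1
            } else if ($3 == "-j" && ($4 == "REJECT" || $4 == "DROP") && !allowed && !blocked) {
                # Catch-all rule with no match criteria, reached before any allow rule.
                print "FORWARD_BLOCKED:" $4
                blocked = 1
            }
        }
        # MASQUERADE with no source match rewrites everything leaving that interface.
        table == "nat" && /^-A POSTROUTING / && /-j MASQUERADE/ && !/ -s / {
            print "MASQUERADE_UNSCOPED"
        }
        END {
            if (policy != "" && policy != "ACCEPT" && !allowed && !blocked)
                print "FORWARD_BLOCKED:policy-" policy
            if (fwd != "1") print "IP_FORWARD_OFF"
        }
    '
}

# Run against the constructed sample with forwarding enabled.
printf '%s\n' "$SAMPLE_RULES" | audit_forwarding 1 ppp0
```

On a live gateway the same function can be fed real state with: iptables-save | audit_forwarding "$(sysctl -n net.ipv4.ip_forward)" ppp0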
