  1. #1

    iproute2 question


    I have a CentOS 6 box acting as a firewall, gateway and router. Behind my gateway is a VPN concentrator with an IPSEC tunnel to a branch office. My servers sit on 172.16.0.0/24, desktops sit on 172.16.1.0/24. The VPN concentrator sits on 172.16.0.4 and has an ipsec tunnel to a branch office with 192.168.1.0/24. I am able to ping any address on the 192.168.1.0/24 network from the firewall which is multihomed at 172.16.0.1 and 172.16.1.1. However, if I try to ping 192.168.X.X from my desktop PC (172.16.1.16), I get TTL expired errors. I'm sure I need a policy route somewhere. I just need some ideas.

    Thanks!

  2. #2
    What do you get coming the other way? That is, from a 192.168 box towards your 172.16?

    What are your routing tables telling you? Particularly at the "gateways".

  3. #3
    Thanks. That was exactly the problem. I needed to add a static route back to 172.16.1.0/24.
