FC9 Linux gateways, VPN working, IP forwarding isn't

Gary Stainburn gary.stainburn at ringways.co.uk
Fri Jan 23 17:55:14 UTC 2009


Hi folks.

I've given up on openswan because it won't work though my ADSL router.

I've now got a very simple ppp-over-ssh VPN working using the following script

/usr/sbin/pppd updetach noauth passive \
  pty "ssh $HOST -P -o Batchmode=yes /usr/sbin/pppd nodetach notty noauth" \
  $LocIP:$RemIP

I'm using 192.167.127.1 and .2 for the VPN

My local LAN is 10.6.0.0/16 and the remote is 10.1.0.0/16

The VPN works, and from each end I can ssh to the remote end using either it's 
192. or 10.  IP address.

On each gateway, and on the test hosts on each LAN I have set up the 
appropriate routes. On each gateway I have enabled IP  Forwarding by running 

sysctl -w net.ipv4.ip_forward=1   

and made it permenant by editing /etc/sysctl.conf. I even rebooted to make 
sure.

However, I cannot get anything to work except gateway to gateway. Anything 
behind the gateways cannot get past their local gateway.

Anyone know what I've missed?
-- 
Gary Stainburn
 
This email does not contain private or confidential material as it
may be snooped on by interested government parties for unknown
and undisclosed purposes - Regulation of Investigatory Powers Act, 2000     




More information about the users mailing list