Ipsec - routing private subnet public: Difference between revisions
Jump to navigation
Jump to search
(Created page with "Category:Linux = Ipsec = While setting up ipsec - and findout that you can reach one network but not the other by seeing the working network (on both routes) routes via t...") |
(No difference)
|
Latest revision as of 19:09, 21 April 2018
Ipsec
While setting up ipsec - and findout that you can reach one network but not the other by seeing the working network (on both routes) routes via the ipsec tunnel from private <==> private net.
On the other network you see the router (usually multihomed) trying to route traffic to that network from the public interface <==> private net.
One has to tell the router to SNAT to the private net:
## Assuming: ### Destination network: 10.8.139.14/31 ### Source network: 192.168.0.0/23 ### Routing via private network router/gw: 192.168.0.250 $IPT -t nat -A POSTROUTING -d 10.8.139.14/31 -s 192.168.0.0/23 -j SNAT --to-source 192.168.0.250