I'm having issues routing traffic through a VPN.

Here's my setup

I have 3 hosts, let's call them A, B and Z

B and Z have a VPN connection in the 10.10.10.x subnet. A and B have a direct connection in the 10.10.12.x subnet.

I want to be able to route traffic from A to Z, like:

A <= 10.10.12.254 [LAN] 10.10.12.111 => B <= 10.10.10.152 [VPN] 10.10.10.10 => Z

On host B, I have set up ip_forwarding: net.ipv4.ip_forward = 1

and routing on host B:

[root@hostB: ~]# ip route
10.10.10.10 dev ppp0  proto kernel  scope link  src 10.10.10.152 
10.10.12.0/24 dev eth1  proto kernel  scope link  src 10.10.12.111 
10.10.10.0/24 dev ppp0  scope link 
169.254.0.0/16 dev eth1  scope link 

routing on host A:

[root@hostA: ~]# ip route
10.10.10.0 via 10.10.12.111 dev eth1 
10.10.12.0/24 dev eth1  proto kernel  scope link  src 10.10.12.254 
169.254.0.0/16 dev eth1  scope link 
default via 192.168.1.1 dev eth0

But still not able to ping 10.10.10.10 from host A.

Any ideas? I'm pulling my hair out.

Disco

2 Answers

On Z, assuming 10.10.10.10 is on ppp0:

route add -net 10.10.12.0 netmask 255.255.255.0 gw 10.10.10.152 dev ppp0

This will give you a return route to A

Mike Pennington

Like Mike said... You need two routes... On A ---> Z and vice versa... On Z ---> A.... If you miss just one of them, they won't be able to communicate with each other, because the packets don't know the route to go back to the source... So you need to do something like this on A and Z...

On Z:

route add -net 10.10.12.0 netmask 255.255.255.0 gw 10.10.10.152 dev ppp0

On A:

route add -net 10.10.10.0 netmask 255.255.255.0 gw 10.10.12.111 dev eth1

Let us know!!!
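
Added example (not part of the question or either answer): a longest-prefix-match lookup over host A's posted `ip route` output, showing where a packet for 10.10.10.10 actually leaves before and after the /24 routes are in place. Host Z's table is not on the page, so the one below is constructed on the assumption that Z only has its VPN link; `parse_routes` and `lookup` are names made up for this sketch.

```python
import ipaddress

# Host A's table as posted in the question.
HOST_A = """\
10.10.10.0 via 10.10.12.111 dev eth1
10.10.12.0/24 dev eth1  proto kernel  scope link  src 10.10.12.254
169.254.0.0/16 dev eth1  scope link
default via 192.168.1.1 dev eth0
"""
# Host Z's table is NOT on the page: constructed, assuming only the VPN link.
HOST_Z = """\
10.10.10.152 dev ppp0  proto kernel  scope link  src 10.10.10.10
10.10.10.0/24 dev ppp0  scope link
"""

def parse_routes(text):
    """Turn `ip route` output into (network, gateway, device) tuples."""
    routes = []
    for line in text.strip().splitlines():
        tok = line.split()
        dest = "0.0.0.0/0" if tok[0] == "default" else tok[0]
        if "/" not in dest:
            dest += "/32"  # iproute2 omits the length for host routes
        gw = tok[tok.index("via") + 1] if "via" in tok else None
        routes.append((ipaddress.ip_network(dest), gw, tok[tok.index("dev") + 1]))
    return routes

def lookup(text, dst):
    """Longest-prefix match: (gateway, device) for dst, or None if unroutable."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in parse_routes(text) if addr in r[0]]
    if not hits:
        return None
    _, gw, dev = max(hits, key=lambda r: r[0].prefixlen)
    return gw, dev

# Same tables with the /24 routes the answers call for, in `ip route` notation.
A_FIXED = HOST_A.replace("10.10.10.0 via", "10.10.10.0/24 via")
Z_FIXED = HOST_Z + "10.10.12.0/24 via 10.10.10.152 dev ppp0\n"

if __name__ == "__main__":
    print("A -> Z, as posted:", lookup(HOST_A, "10.10.10.10"))
    print("A -> Z, /24 route:", lookup(A_FIXED, "10.10.10.10"))
    print("Z -> A, as assumed:", lookup(HOST_Z, "10.10.12.254"))
    print("Z -> A, return route:", lookup(Z_FIXED, "10.10.12.254"))
```

The posted entry on A has no prefix length, so it covers only the single address 10.10.10.0 and traffic for 10.10.10.10 falls through to the default gateway on eth0 instead of going to B.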