vtun advance routing.
Status: Inactive
Brought to you by:
mtbishop
Menu
▾
▴
#8 vtun advance routing.
Dear vtun users,
I have the following challenge to overcome but i am
unable to grasp by myself.
The issue itself is routeing from a vtun server to multiple
network with the same desination subnet.
here's the picture.
__________________ _________________
| | | |
|wsa: 192.168.4.10 | |wsb:192.168.4.21 |
| dest: 192.168.1.1 | | dest: 192.168.1.1 |
| 1.1 at site 1 to wsc | | 1.1 at site 2 to wsd|
|_________________| |________________|
| |
| |
___________________|___________________
______________________
| |
| | |
|vpnserver: 192.168.4.1 | tun0: 192.168.0.1
| | tun1: 192.168.0.3 |
|___________________|__________________|________
_____________|_____________________|
|
| |
|public: x.x.x.x
| |
|___________________|
|
| |
site 2 |
tun |
site1
______________|
| _______________
|
|
| |
|public: x.x.x.x
|
| public: x.x.x.x |
|_________________|
|____________________|
|
|
| |
|tun: 192.168.0.2
|
| tun: 192.168.0.4 |
|_________________|
|___________________|
|
|
| |
|eth0: 192.168.1.1
|
|eth0: 192.168.1.1 |
|_________________|
|___________________|
| |
| |
__________________|
|___________________
|
|
| |
|wsc: 192.168.1.10
| |
wsd: 192.168.1.20 |
|__________________|
|__________________|
i want to achieve the if i place an route statement at
wsa (192.168.4.10) to network 192.168.1.0/24 with
gateway the tunnel to site i want to reach (thus tun0 or
tun1 on the vpn server to site1 or site2)
at the moment i can only achieve this by changing the
route statement at the vpn server to the different
networks. but then i can never do this simultaiously from
two different workstations.
what is extra is that i NAT all adresses and networks
from the source tunnels to the destination networks
with iptables.
it should be possible to achieve this. in my past memory
wich is not flawless i can remember i did this somewhere
in a lost 24hour day and night of freakin.
any help is welcome, or if more detail is needed please
advise.
thanks in advance
Logged In: YES
user_id=920051
sorry for the messup with the picture atatched is now an
extra html file with the right content
html file with right drawing. (correction for above)
Logged In: YES
user_id=920051
a better pucture is on
http://wazzaap.nu/vtun.jpg