The problem appears to be a routing issure on the server. If I execute "ssh 192.168.1.1," I get a time out saying connection closed by remote. If I execute " ssh -b 192.168.10.1 192.168.1.1," then I get a succesful connection.
Would this indicate a routing issue? That is my guess anyhow. I do not know how to make sure that connections to private ip ranges go accross the VPN using the private ip address as the source address. Is there anyone that can help me with this? I have been trying to figure it out from two different website, they are:
http://www.av8n.com/vpn/iproute2.htmhttp://www.policyrouting.org/iproute2.doc.htmlFrom these sites I tried to fix my problem using the following:
1. added: "2 from.this.host" to the /etc/iproute2/rt_tables file,[/list]
and then executed the following commands:
2. ip rule add iif lo table from.this.host priority 500
3. ip route add 192.168.1.0/24 table from.this.host dev eth0 src 192.168.10.1
4. ip route flush cache[/list]
Now when I execute "ssh 192.168.1.1" I get:
ssh: connect to host 192.168.1.1 port 22: No route to hostI am a little gun shy of messing up the whole server by entering the wrong commands. It appears that I have already done some harm. Is there anyone familiar with setting up routing? I need to reverse what I have already done and see if I can get the routing to work correctly accross the VPN.
The out put from " ip route show" after I made the noted changes in 1-4 above is:
remote_public_ip_address via local_public_ip_router dev ipsec0
192.168.1.0/24 via local_public_ip_router dev ipsec0
192.168.10.0/24 dev eth0 scope link
local_public_ip_address_range/20 dev eth1 proto kernel scope link src local_public_ip_address
local_public_ip_address_range/20 dev ipsec0 proto kernel scope link src local_public_ip_address
127.0.0.0/8 dev lo scope link
default via local_public_ip_router dev eth1Thanks for you help.
Sincerely,
Rick Evans
Ft. Lauderdale, FL
2 Replies
1848 Views