IPSec VPN Routing

Hello,

I'm trying to set up a gateway VPN between two routers across an unsecured network between two local networks. The routers are both Linux and I'm using the ipsec tools, racoon and setkey. So far hosts from either local net can successfully ping hosts on the other local net without issue.

I'd like to also be able to ping from either of the routers to any host on the remote lan, including the remote router. This currently won't work.

My SPD policies on one of the routers are these:

spdadd 192.168.2.0/24[any] 192.168.1.0/24[any] any -P out ipsec esp/tunnel/194.16.1.6-194.16.1.7/require;
spdadd 192.168.1.0/24[any] 192.168.2.0/24[any] any -P in ipsec esp/tunnel/194.16.1.7-194.16.1.6/require;

Where my local networks are 192.168.2.0 and 192.168.1.0 with external IPs 194.16.1.6 and 194.16.1.7 respectively.

I've tried to add a route from the router to the remote network such as:

$ ip route add 192.168.2.0/24 dev eth0

but this doesn't work for me. I'm clearly missing something with the routing.

Any tips would be most appreciated.
Regards
Rob Smith
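
Added example, not part of the original post and not output from setkey or the kernel: the two policies above, parsed and evaluated against a few constructed packets to show which source/destination pairs the selectors cover. The host addresses 192.168.2.1, 192.168.2.10 and 192.168.1.20, and the premise that the router sources its own traffic from 194.16.1.6, are assumptions for illustration.

```python
import ipaddress
import re

# The two policies from the post, verbatim.
SPD_TEXT = """
spdadd 192.168.2.0/24[any] 192.168.1.0/24[any] any -P out ipsec esp/tunnel/194.16.1.6-194.16.1.7/require;
spdadd 192.168.1.0/24[any] 192.168.2.0/24[any] any -P in ipsec esp/tunnel/194.16.1.7-194.16.1.6/require;
"""

SPDADD = re.compile(
    r"spdadd\s+(?P<src>[\d./]+)\[any\]\s+(?P<dst>[\d./]+)\[any\]\s+any\s+"
    r"-P\s+(?P<dir>in|out)\s+ipsec\s+(?P<rule>\S+?);"
)

def parse_spd(text):
    """Parse the subset of setkey spdadd syntax used in the post."""
    policies = []
    for m in SPDADD.finditer(text):
        policies.append({
            "src": ipaddress.ip_network(m["src"]),
            "dst": ipaddress.ip_network(m["dst"]),
            "dir": m["dir"],
            "rule": m["rule"],
        })
    return policies

def lookup(policies, direction, src, dst):
    """Return the ipsec rule whose selector covers (src, dst), else None."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for p in policies:
        if p["dir"] == direction and s in p["src"] and d in p["dst"]:
            return p["rule"]
    return None  # no selector matched: the packet is not tunnelled

POLICIES = parse_spd(SPD_TEXT)

# Constructed sample packets: (direction, source, destination).
CASES = {
    "lan host -> remote host": ("out", "192.168.2.10", "192.168.1.20"),
    "router, external source": ("out", "194.16.1.6", "192.168.1.20"),
    "router, LAN-side source": ("out", "192.168.2.1", "192.168.1.20"),
    "reply to router external": ("in", "192.168.1.20", "194.16.1.6"),
}

def evaluate():
    return {name: lookup(POLICIES, *pkt) for name, pkt in CASES.items()}

if __name__ == "__main__":
    for name, rule in evaluate().items():
        print(f"{name:26} {rule or 'no matching policy'}")
```

Only packets whose source and destination both fall inside the /24 selectors are matched; a packet carrying the router's external address as its source matches neither policy.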