[Shorewall-newbies] Static routing

Sakthivel Subramanian sakthi at altair.com
Thu Mar 11 14:47:17 PST 2004


Tom,

That is the problem. The router does not provide the facility to add a
static route to the VPN tunnelled gateway since the tunnels are not up when
the router tries to add the route (While start up), so by the time the
tunnels are up, I already have an error message that the static route can't
be added since the gateway is unavailable.

So I am trying to see whether I can do a work around by doing it in the
shorewall box. Yes, 192.168.1.1 is the default gateway for the shorewall
box. Ideally I want all the traffic destined to 192.168.101.0/24 to be
automatically forwarded to 192.168.100.1.

Thanks

Sakthi

-----Original Message-----
From: Tom Eastep [mailto:teastep at shorewall.net] 
Sent: Thursday, March 11, 2004 5:32 PM
To: sakthi at altair.com; 'List for New Shorewall Users'
Subject: Re: [Shorewall-newbies] Static routing


On Thursday 11 March 2004 02:19 pm, Sakthivel Subramanian wrote:
> Hope this one comes clean.
>
>                | NET
>
>          --------------
>
>         |(PUBLIC IP)   |
>         |   ROUTER     | <===> VPN TUNNELS (192.168.100.0/24)
>         |(192.168.1.1) |
>
>          --------------
>
>                | (192.168.1.0/24)
>
>            ---------
>         (192.168.111.254)
>            SHOREWALL
> 	     (10.10.1.1)
>            ---------
>
>                | (10.10.1.0/24)
>
>               LAN
>
> I want to add a static route with gateway to be 192.168.100.1 from the 
> tunnelled subnet.
>

That route needs to be added on the ROUTER, not on the Shorewall box. Isn't 
192.168.1.1 the default gateway for the SHOREWALL box? If so, you don't need

to make any change there.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net





More information about the Shorewall-newbies mailing list