Error adding static route

Home Page Forums Network Management VPN Error adding static route

This topic contains 9 replies, has 0 voices, and was last updated by  otros1761@gmail.com 5 years, 9 months ago.

Viewing 11 posts - 1 through 11 (of 11 total)
  • Author
    Posts
  • #42254

    Hello,

    I am testing the zeroshell router, and I am experiencing some problems when I try to configure a VPN lan to lan.

    I have created the object VPN without problems, and I have setup the necessary parameters.
    But, I encountered, my first error adding a static route. I am trying to add:
    Destination network 18.0.0.0 with netmask 255.0.0.0 and gateway the IP address that I have already coonfigured in th VPN network

    So, when I try to add the route I have got the following:

    ERROR: Static route 18.0.0.0/255.0.0.0 via 12.0.0.1 metric 0 not added: RTNETLINK answers: No such process

    Could anyone help me,

    Thanks in advance

    #49813

    ppalias
    Member

    Could you show us a pic of the network addresses of the router?

    #49814


    Sorry, in my last post I wrote down incorrect ip’s. These are the correct ones.
    I am trying to add:
    Destination network 19.0.0.0 with netmask 255.0.0.0 and gateway the IP address that I have already coonfigured in th VPN network

    #49815

    ppalias
    Member

    Yep what you are trying to do is forbidden cause you have to use as gateway the IP address of the remote end of the VPN, i.e 12.0.0.2

    #49816

    Hello Again ,

    I am a little bit confused. My goal is to construct a Site to site VPN. What I understand of this is a Router to router VPN. So, I did the following:
    1.- Install the Zeroshell.
    2.- Add two interfaces 10.0.0.0 network and 11.0.0.0 network. as you can see below in the image. I setup a default route =10.0.0.1
    3.- My goal is to achieve from 11.0.0.2 to the 19.0.0.0 network(i.e.:host 19.59.112.29)
    4.- I set up the vpn object with my understandig of the following parameters:
    remote host= 136.1.1.151 and gateway = auto.
    5.- As it describe in the documentation, I added an IP (12.0.0.1) to the interface VPN00.
    6.- And Finally I had to add a static route. And here is where I have got the error. In my understanding I set , the following parameters:
    Destination = the 19.0.0.0 domain network with its mask.
    Gateway= the remote router (136.1.1.151)
    metric = 0

    You can see my network in the following image

    THANX in Advance

    #49817

    ppalias
    Member

    As I said on my previous post, the gateway for network 19.0.0.0 should be the VPN00 IP address of router “136.1.1.151”, not this IP address.
    To make it more clear, to assign a gateway you have to be able to reach this gateway with a direct connection. Normally a direct connection can only be a link, but a VPN is a virtual link so it acts and is treated as a link. In other words the gateway MUST be in the subnets of one of your interfaces.

    #49818

    Thank you, for your response, but I am still confused.

    I deleted everything about the vpn and I started from the beginning.

    1) I have 2 interfaces 10 network and 11 network. with 255.0.0.0 mask
    2) I have a default gateway , which it is 10.0.0.1
    3) Now I have to creaye the vpn object OK?. with the following parameters:

    Remote host: here should be the remote router (136.1.1.151) or a server from the 19.x domain?
    Gateway: here should be my default gateway (10.0.0.1) isn’t it?.

    4) Now I have to assign an ip addres to the vpn object. which one I could use?

    and finally I have to add a static route

    Could we agree with the 4 steps, in order to continue to the last one?

    THX very much for your cooperation..

    Regards

    #49819

    ppalias
    Member

    Steps 1 and 2 are ok.
    On step 3 your gateway will be the default, as you don’t have any other available.
    You will assign a couple of IP addresses to both ends of the VPN tunnel, for example 192.168.1.1/30 and 192.168.1.2/30.
    If you set 192.168.1.1 on the VPN00 then for the static route you will use 192.168.1.2 as a gateway.

    #49820

    Hello again,

    I setup on the remote end interface 136.1.1.51
    and in my end I setup in the VPN00 interface the 136.1.1.52

    So I try to add the static route:
    destination:19.0.0.0 mask: 255.0.0.0
    gateway: 136.1.1.51 metric:0

    And I have got the same error:
    Mar 03 11:50,41 ERROR: Static route 19.0.0.0/255.0.0.0 via 136.1.1.51 metric 0 not added: RTNETLINK answers: No such process

    #49821

    ppalias
    Member

    No this is wrong again. 136.1.1.51 is the physical interface IP, not the tunnel IP. You will have to use as gateway for the 19.0.0.0 the tunnel IP that you will assign on the router with physical IP 136.1.1.51, not 136.1.1.51 itself. Hope it is clear now, cause I cannot help you any further.

    #49822

    zerotohero
    Member

    I had failed to put an IP address on both sides of the VPN.

    Resolved by going into “VPN” > “LAN-to-LAN (OpenVPN)” > clicked on my VPN entry then in that section – there are buttons to the right (use the sub-scroll bar to scroll down to “Add IP”.
    The VPN IP address is internal and not accessible/usable outside of the VPN.
    It appears to be only used for route table entries and can be anything you like. As long as both ends are in the same network.
    I used 192.168.123.1 on end A and 192.168.123.2 on the other end.
    Once both ends had IP addresses, I was able to happily add the route.
    Say my Site B network is 10.33.123.0/24 and Site A network is 10.33.124.0/24…
    On Site A’s ZeroShell, I add the route:
    Destination: 10.33.123.0
    Netmask: 255.255.255.0
    I choose “gateway” (not Interface): 192.168.123.2, metric 0, interface=can’t change this.

    Then on Site B’s ZeroShell I add the route:
    Destination: 10.33.124.0
    Netmask: 255.255.255.0
    I choose “gateway” (not Interface): 192.168.123.1, metric 0, interface=can’t change this.

    Then it works. If pings between servers on each end fail – check your host firewalls on said servers. My pings were failing – was due to the lovely Windows firewall being enabled on one side.

    Hopefully this points you in the right direction and gets you through.

Viewing 11 posts - 1 through 11 (of 11 total)

You must be logged in to reply to this topic.