LAN-to-LAN VPN routing


This topic contains 2 replies, has 2 voices, and was last updated by  hassan ali 1 month, 1 week ago.

  • #44759

    Uksindus
    Member

    I’m baffled as to what kind of routing rule I need to route traffic from my local LAN -> ZS box -> VPN tunnel. Everything works fine without the VPN.

    My WAN is a 4G modem via PPPoE, ETH00 has NAT and DHCP enabled. (All computers on LAN have internet connectivity now, DHCP default gateway = ZS box local address). If I fire up the VPN (commercial service provider), it connects just fine and ZS box has connectivity via VPN (tracepath confirmed).

    When VPN is up, all LAN computers lose connectivity to the internet (connection to ZS box stays up).

    VPN00 has these options and interface VPN00 has NAT enabled:

    --dev tun0 --dev-type tun --topology subnet --pull --config /Database/serviceproviderfile.ovpn --auth-user-pass /Database/passwordfile --redirect-gateway

    Please help, what am I missing here?

    #54398

    Uksindus
    Member

    Success:

    Postrouting chain for VPN00 had no packets going in or out => tun00 interface had no NAT, and it’s not listed in NAT enabled interfaces.

    If adding manually

    iptables -t nat -A POSTROUTING -o tun0 -j MASQUERADE

    routing from ETH00 -> VPN00 works.

    Based on that, I found this thread which deals with the same thing.
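
The check described in the post above (no packets in the POSTROUTING chain, no MASQUERADE rule on the tunnel), as an added example that is not part of the original thread. It classifies an interface from `iptables-save -c -t nat` output; the sample data is constructed and the WAN interface name `ppp0` is an assumption.

```shell
# Classify the MASQUERADE state of an outbound interface from
# `iptables-save -c -t nat` output on stdin: missing | present | idle | active
nat_state() {
    awk -v ifc="$1" '
        /-A POSTROUTING/ {
            out = ""; target = ""
            for (i = 2; i <= NF; i++) {
                if ($i == "-o" && $(i - 1) != "!") out = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            if (out != ifc || target != "MASQUERADE") next
            found = 1
            # With -c every rule line starts with [packets:bytes]
            if ($1 ~ /^\[[0-9]+:[0-9]+\]$/) {
                counted = 1
                split(substr($1, 2), c, ":")
                pkts += c[1]
            }
        }
        END {
            if (!found) print "missing"          # no NAT rule for this interface
            else if (!counted) print "present"   # rule exists, no counters given
            else if (pkts == 0) print "idle"     # rule exists, nothing reaches it
            else print "active"
        }'
}

# Constructed sample: only the WAN rule exists (ppp0 is an assumed name).
sample_before() {
    printf '%s\n' '*nat' ':POSTROUTING ACCEPT [40:2800]' \
        '[350:21000] -A POSTROUTING -o ppp0 -j MASQUERADE' 'COMMIT'
}

# Constructed sample: after adding the tun0 rule and passing LAN traffic.
sample_after() {
    sample_before | sed '$d'
    printf '%s\n' '[57:4100] -A POSTROUTING -o tun0 -j MASQUERADE' 'COMMIT'
}

# Add the rule from the thread only if it is not already present (needs root).
ensure_masquerade() {
    iptables -t nat -C POSTROUTING -o "$1" -j MASQUERADE 2>/dev/null ||
        iptables -t nat -A POSTROUTING -o "$1" -j MASQUERADE
}

echo "before: $(sample_before | nat_state tun0)"
echo "after:  $(sample_after | nat_state tun0)"
```

On a live box, feed it real data with `iptables-save -c -t nat | nat_state tun0`; an `idle` result means the rule exists but LAN traffic is not being routed out of that interface.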

    #65540

    hassan ali
    Participant

    A dynamic crypto map is one of the ways to accommodate peers sharing the same characteristics (for example, multiple branch offices sharing the same configuration) or peers having dynamic IP addressing.