Routing subnets, With Linux (IPsec-VPN)

[esreverse]

Hi,

I want to setup IPsec-VPN, subnet to subnet;

LAN1-Linuxbox-INTERNET-Linuxbox-LAN2-InternalGateway-LAN3

LAN1 will be 10.100.x.x mask 255.255.0.0
LAN2 will be 10.150.x.x mask 255.255.0.0
LAN3 will be 10.200.x.x mask 255.255.0.0

I need to have Clients on LAN1 can Reach IP's in LAN3.
Is this possible With Linux?

Im stuck with a netmask 255.255.0.0 so any advice with a netmask 255.255.255.0 is useless, sorry for that.

What all do i need to get this working?

Greetz

 

[BitFuzzy]

The simplest way would be to add listings to your /etc/hosts file.

 

[BitFuzzy]

Personaly, if these 'networks' are going to be acting as gateways for connecting workstations, i'd setup 'dns'

 

[esreverse]

This is not what i am looking for BitFuzzy. The problem thing is how to setup IP to connect from LAN1 to LAN3. In my testing i can only ping from lan 1 to 2. I think the problem is IPsec to pass trough packets from Lan3

 

[shaodius]

I am assuming that rules are already inplace for LAN 2 to talk to LAN 3. If this is the case, you would need in LAN 2 an iptables/ipsec rule to forward packets from 10.100 to 10.200, ie:
iptables -A FORWARD -s 10.100.0.0/16 -d 10.200.0.0/16 -j ACCEPT.

you probably already have a similar rule for 10.100->10.150.

Also on LAN1 be sure that the netmask includes both 10.150 and 10.200 so that packets are sent across the VPN for both subnets

 

[marsd]

Have you looked at the IPSEC howto?
IPSEC is not trivial to configure or set up.
You need to define your neighbor networks and next
hops for it to work properly.
If I were you and all I needed was a vpn I would
use cipe. Much easier and with a central cipe server
you can have multiple vpns to your subnets easily.