Small info to add:
I am using a 2.4 kernel (RH-9) and the packets currently are going
through IPSec, then getting routed through eth0 directly (but I want
them to go through tunl0).
Prasad
Prasad wrote:
> Hello Gurus,
>
> I have a small problem with routing and here are the details.
>
> Interfaces on my server:
> * ipsec0 - 172.19.58.94
> * tunl0 - 172.19.58.94
> * eth0 - 172.19.58.94
>
> Now, the problem is that there is another host 172.19.58.200. All
> communication to 172.19.58.200 should be through tunl0, and all the
> data should be secured using IPSec (tunnel mode - because there are
> more machines on my network and 172.19.58.94 is the gateway through
> which they access 172.19.58.200). How can this be achieved???
>
> Here is what I did:
>
> 1. Default route for 172.19.58.200 is ipsec0
> route add -host 172.19.58.200 dev ipsec0
> 2. Mark all packets after being routed through ipsec0
> iptables -t mangle -A POSTROUTING -o ipsec0 -j MARK --set-mark 1
> 3. Create a routing rule and add the new rule
> ip rule add fwmark 1 table tunnel
> 4. Create routing entries for table "tunnel"
> ip route add 172.19.58.200 dev tunl0
>
> Well, all this assumes that once the packet enters the ipsec tunnel,
> after encapsulation the packets are routed afresh based on the routing
> tables. Could the gurus help me fix this!!!
>
> Thanks,
> Prasad
> _______________________________________________
> LARTC mailing list
> LARTC@mailman.ds9a.nl
> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
>