search for: gdc1

...# conforms to second version of ipsec.conf specification config setup # Debug-logging controls: "none" for (almost) none, "all" for lots. klipsdebug=none plutodebug=none interfaces=%defaultroute uniqueids=yes # Add connections here conn GDC1 authby=secret auto=start left=%defaultroute leftsourceip=192.168.1.97 leftid=@rx1000test leftsubnet=192.168.1.96/28 ike=aes128-md5-modp1024 esp=aes128-md5 right=160.96.97.248 rightsubnet=192.168.1.0/28 rightsour...

...#39;s eth 1. Both local ethernet''s are behind NAT of course. Now, I have ahost, 192.168.1.101 on the 192.168.1.96/28 network behind the debbian router. Here is my routing table: rx1000test:~# ip route show 202.42.98.1 dev ppp1 proto kernel scope link src 202.42.98.62 192.168.1.0/28 dev GDC1 scope link 192.168.1.96/28 dev eth1 scope link default dev ppp1 scope link This seems really simple to me, anything going to 192.168.1.0/28 must go through tunnel GDC1. Here is the tunnel: 15: GDC1@NONE: <POINTOPOINT,NOARP,PROMISC,UP> mtu 1428 qdisc noqueue link/gre 192.168.1.97 peer...

...the Ipsec tunnel up and working between them using preshared keys. So that works. Here is the Cisco tunnel setup: interface Tunnel6 ip address 192.168.2.110 255.255.255.240 tunnel source 192.168.1.1 tunnel destination 192.168.1.97 Here is the Linux Tunnel setup: modprobe ip_gre ip tunnel add GDC1 mode gre remote 192.168.1.1 local 192.168.1.97 ttl 255 ip link set GDC1 up ip addr add 192.168.2.97 dev GDC1 ip route add 192.168.1.0\28 dev GDC1 Now, using tcpdump, when shorewall is on I get this when trying to ping from the cisco to 192.168.2.97: 1:05:48.995325 IP 192.168.2.97 > 192.168.2.1...