VPN
Yaroslav, 2019-04-19 17:45:58

Which iptables rules are needed to see machines on the network behind an IPSec tunnel?

An IPSec tunnel is up on the Proxmox host machine, config:
left = 1.1.1.1 (Proxmox, vmbr0 interface)
leftsubnet = 10.14.0.0/24 (network between VMs, vmbr1 interface)
right = 2.2.2.2 (remote Cisco)
rightsubnet = 10.0.0.0/16
Machines in 10.0.0.0/16 see the VM on Proxmox (10.14.0.0/24), but the VM does not see machines in 10.0.0.0/16?


2 answer(s)
Dmitry, 2019-04-20
@CubaJas

I assume that the problem is not in the Proxmox iptables but in the Cisco firewall; it is possible that forwarding of new connections from outside is prohibited.

CityCat4, 2019-04-20
@CityCat4

I don’t know how the Cisco behaves (Google is there for you), but in Linux it is not the routing table that is responsible for IPSec routing but the SPD (Security Policy Descriptor), well, that is, the SPD table, of course. In a normal Linux, strongswan or another IKE daemon builds it; you can do it manually, albeit crookedly and for a long time.
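
An added example, not part of CityCat4's answer or the original thread: a Python sketch of the SPD selector lookup the answer refers to, run over a constructed `ip xfrm policy` dump for the subnets in the question. The priority and reqid values, the VM address 10.14.0.5, the remote host 10.0.3.7, and the case of a source address rewritten to 1.1.1.1 by a NAT rule on vmbr0 are assumptions; the question does not show its iptables rules.

```python
import ipaddress
import re

# Constructed `ip xfrm policy` dump for the question's tunnel
# (priority/reqid are made up, indentation simplified to spaces).
SAMPLE_SPD = """\
src 10.14.0.0/24 dst 10.0.0.0/16
    dir out priority 375423 ptype main
    tmpl src 1.1.1.1 dst 2.2.2.2
        proto esp reqid 1 mode tunnel
src 10.0.0.0/16 dst 10.14.0.0/24
    dir fwd priority 375423 ptype main
    tmpl src 2.2.2.2 dst 1.1.1.1
        proto esp reqid 1 mode tunnel
src 10.0.0.0/16 dst 10.14.0.0/24
    dir in priority 375423 ptype main
    tmpl src 2.2.2.2 dst 1.1.1.1
        proto esp reqid 1 mode tunnel
"""

def parse_spd(text):
    """Parse policies into dicts: src/dst networks, direction, priority."""
    policies = []
    for line in text.splitlines():
        sel = re.match(r"src (\S+) dst (\S+)", line)  # selectors are unindented
        if sel:
            policies.append({"src": ipaddress.ip_network(sel.group(1)),
                             "dst": ipaddress.ip_network(sel.group(2)),
                             "dir": None, "priority": 0})
            continue
        meta = re.match(r"\s+dir (\w+) priority (\d+)", line)
        if meta and policies:
            policies[-1]["dir"] = meta.group(1)
            policies[-1]["priority"] = int(meta.group(2))
    return policies

def lookup(policies, direction, src, dst):
    """Best matching policy (lowest priority value wins); None means no IPsec."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    hits = [p for p in policies
            if p["dir"] == direction and src in p["src"] and dst in p["dst"]]
    return min(hits, key=lambda p: p["priority"]) if hits else None

def tunnelled(src, dst, direction="out"):
    """True if a packet with these addresses matches an SPD selector."""
    return lookup(parse_spd(SAMPLE_SPD), direction, src, dst) is not None
```

With these selectors, a packet from 10.14.0.5 to 10.0.3.7 matches the `out` policy, while the same packet with its source rewritten to 1.1.1.1 matches nothing and leaves outside the tunnel. On the host itself, `ip xfrm policy` prints the real table to compare against.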
