make sure that you have routing working. I don't know about ipsec, but you will need:
1. a routing entry in the remote computer telling it to use the local server for any addresses in the local network, and
2. a routing entry in the local server where it is supposed to send packets, and, of course, packet forwarding enabled.
(checks above to see whether you have already mentioned that.)
From my examination, it seems that you may have ommitted to tell the inside hosts that packets to the remote host must be sent to the ipsec server. I don't know your network, and i don't know ipsec either (!), so I don't know how to do it. Maybe a routing entry in your internet gateway should do it.
__________________
The only dumb question is a question not asked.
The only dumb answer is an answer not given.
|