DaemonForums  

OpenBSD Security Functionally paranoid!

30th May 2015
WeakSauceIII

Route to enc0

So it's been 6 years of problem-free BSDing but I'm back.....

I have a remote network (Amazon Virtual Private Cloud) attached to my BSD gateway via IPsec in tunnel mode. I can access the internet through my gateway and I can also access any server in that remote 10.x network from my home 192.x network. My question is: how do you route to enc0? I have set the 10.x network at Amazon to use the VPN as the default gateway, so traffic goes from the 10.x server, across the VPN, to my 192.x BSD gateway. This traffic is then NATed out to the internet, hits the remote destination, and the replies come back. Problem is my IPsec tunnel is

ike esp from 192.168.0.0/24 to 10.0.1.0/24

so when traffic is de-NATed it is $externalIP -> 10.x instead of $internalIP -> 10.x, so the IPsec policy doesn't match and the packet never gets back into enc0 or across the tunnel.

Seems to me like the solution is to tunnel this traffic (gif0) so I can route it, but the problem is I do not have access to the remote VPN server to configure any kind of tunnel interface on the far side. Any suggestions on how one would route return traffic into the IPsec tunnel in this case?
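The mismatch described in the post above, traced in a simplified model. This is an added example, not part of the original post and not OpenBSD's implementation; it takes $externalIP to be an internet host's address, and the sample addresses, the `Nat` class and the helper names are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str

# Flow selector from the post: ike esp from 192.168.0.0/24 to 10.0.1.0/24
FLOWS = [(ipaddress.ip_network("192.168.0.0/24"),
          ipaddress.ip_network("10.0.1.0/24"))]

# Constructed sample addresses (documentation ranges, not from the post)
GATEWAY_EXT = "198.51.100.1"     # gateway's public address
INTERNET_HOST = "203.0.113.80"   # destination on the internet
VPC_HOST = "10.0.1.5"            # server behind the tunnel
LAN_HOST = "192.168.0.20"        # host on the home network

def matches_flow(pkt, flows=FLOWS):
    """True if (src, dst) falls inside a flow selector, i.e. the packet
    would be encapsulated and sent across the tunnel."""
    s, d = ipaddress.ip_address(pkt.src), ipaddress.ip_address(pkt.dst)
    return any(s in fsrc and d in fdst for fsrc, fdst in flows)

class Nat:
    """Minimal source-NAT state table (hypothetical, one state per peer)."""
    def __init__(self, ext_ip):
        self.ext_ip = ext_ip
        self.states = {}

    def outbound(self, pkt):
        # Remember the original source, rewrite it to the external address.
        self.states[(pkt.dst, self.ext_ip)] = pkt.src
        return replace(pkt, src=self.ext_ip)

    def inbound(self, pkt):
        # Reverse translation: only the destination is restored.
        orig = self.states.get((pkt.src, pkt.dst))
        return replace(pkt, dst=orig) if orig else pkt

def trace_reply(nat):
    """Follow one VPC-originated connection to the internet and back."""
    nat.outbound(Packet(VPC_HOST, INTERNET_HOST))
    reply = nat.inbound(Packet(INTERNET_HOST, GATEWAY_EXT))
    return reply, matches_flow(reply)

if __name__ == "__main__":
    print("LAN -> VPC matches flow:", matches_flow(Packet(LAN_HOST, VPC_HOST)))
    print("de-NATed reply, matches flow:", trace_reply(Nat(GATEWAY_EXT)))
```

Reverse translation restores only the destination, so the reply's source stays outside 192.168.0.0/24 and the selector lookup fails.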