Internal Routing redirection with IPcop?

I'm using IPcop as firewall and for site-to-site tunnels at one site.
The RED interface eth0 is and I need to transition the local net by and by to
So far, I let a different host play the role of a router between and
(when done, IPcop will be reconfigured accordingly and have that net directly attached)
I added a route at IPcop (via console) and adjusted tunnels accordingly
So now *remote* hosts can access the new LAN (and also old LAN) via tunnel
However, traffic between LANs does not work.
I do not want to add a specific route at each host in the old LAN as long as it is still in it.
Instead, in theory ICMP redirects should do the job good enough for a temporary situation
However, it seems that IPcop does not issue these redirects.
How can I make IPcop do so?
LVL 20
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Nayyar HH (CCIE RS)Network ArchitectCommented:
Can you do a rough sketch of your topolgy?
thehagmanAuthor Commented:
Is that sketch rough enough?
Almost all hosts can ping one another, for example can ping
The echo request goes from to default gateway RTR-3, then default gateway RTR-2, then across the tunnel to RTR-1 and finally The reply goes to RTR-1 (def. gw), across the tunnel targeting to RTR-2, from there to RTR-3 by means of a specific route and finally to

The only packet flow that does not work is from to (because does not have a specific route to
Any packet from to is transmitted to the def. gw RTR-2
This guy *knows* that the packet should be routed via RTR-3 and it *could* tell the sender about this with an ICMP redirect. However, it doesn't. The task is to make it send such redirects.

If there is no solution (and maybe even if there is one) I think I should distribute the specific route needed by DHCP option 249 and wade through the (few) statically configured hosts ...

Nayyar HH (CCIE RS)Network ArchitectCommented:
I think icmp-redirect might be controlled at the OS level, Check to see if icmp-redirects are enabled there.

Try capturing traffic  to verify.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
thehagmanAuthor Commented:
Thanks, meanwhile I established a workaround vie DHCP option 249 plus manual route for the few non-DHCP hosts
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking Protocols

From novice to tech pro — start learning today.