We have an intercampus VPN managed by a new company and we are in the process of migrating the current system to the new one.
My current system used an IPsec VPN between campuses and is a ClearOS (CentOS) system. We had a server running the ClearOS OS at every campus and then used the built-in IPsec VPN to connect them.
The new system is managed by a 3rd party with Cisco routers. Basically, all campuses connect to the same network with the Cisco routers and there is a single breakout point at the 3rd party offices to the outside.
My servers seem to be blocking the VPN traffic. If I switch off the firewall everything is fine, but if it is on I can only connect to the actual servers and no other PCs on the campus LAN. They do provide a firewall, so this question is more about me being curious than critical. My servers are to become file servers only, so the firewall is not a big issue, but if possible I would like to have the option.
Here is the setup:
A traceroute from within campus 01 shows the problem to be the eth0 NIC on the server. Everything stops at 10.70.21.2. I can ping and access Samba on 192.168.0.1 (the server) but not on other PCs in that network. I specifically need to get to 192.168.0.254.
As I said before, when I switch off the firewall at campus 02 I can access everything and the VPN is fine.