Stevie Zakhour
asked on
OpenSwan
Hi Guys
I need to find a way to allow the 10.0.0.0/24 network to be reached from the 10.10.1.0/24 – 10.10.3.0/24 networks. Given the little documentation there is, I need help allowing communication between the networks; I'm trying to achieve the below (sorry, I know it is sketchy):
10.10.1.0/24 >>> PING >>>> 10.0.0.0/24
10.10.3.0/24 >>> PING >>>> 10.0.0.0/24
10.0.0.0/24 >>> PING >>>> 10.10.1.0/24
10.0.0.0/24 >>> PING >>>> 10.10.3.0/24
Below is the .conf file I pulled from our OpenSwan 2.2.6; this .conf file is for our 10.10.1.10/24 network (the 10.10.3.0/24 network is similar):
conn ifly-pen
    auto=start
    type=tunnel
    left=%defaultroute
    leftsubnets={172.17.0.0/16 10.0.0.0/24}
    leftid=54.153.249.30
    right=115.70.193.138
    rightid=115.70.193.138
    rightsubnets={10.10.1.0/24 }
    authby=secret
    ike=aes128-sha1;modp1024
    esp=aes128-sha1
    pfs=no
    forceencaps=yes
    force_keepalive=yes
    keep_alive=10
    ikelifetime=8h
    keylife=8h
As you can see, leftsubnets allows for communication to the 10.0.0.0/24 network from the 10.10.1.0/24 network. However, from the 10.10.1.0/24 network, when I ping the 10.0.0.1 IP address I get no response; see Ping.png and Tracert.png.
Our OpenSwan IP is 172.17.0.6 and it is a VM in AWS. You can see that the above is routing through 10.10.1.1 (the router on the 10.10.1.0 network), through to 172.17.0.6, but then goes nowhere. See OpenSwan_1.png.
I'm able to ping the 10.10.1.0/24 and 10.10.3.0/24 networks in OpenSwan; see OpenSwan_2.png.
Any assistance is greatly appreciated!
Tracert.png
Ping.png
OpenSwan_1.png
OpenSwan_2.png
ASKER CERTIFIED SOLUTION
ASKER
I got it working; basically the issue was caused by the router on the 10.0.0.0 network. I simply had to allow IP 10.10.1.0 to 10.10.3.0 access.
Thanks for your help and apologies for the delayed response.
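The checks a practitioner would run on the AWS OpenSwan host before blaming the far side, as an added example (this is not code from the original post and not part of OpenSwan): it expands the posted conn's leftsubnets/rightsubnets into the CONN/<i>x<j> child conns pluto creates for each subnet pair, checks an `ip xfrm policy` dump (here a constructed sample, not output captured from the poster's host) for the out/in/fwd policies each pair needs, and lists in comments the forwarding and routing checks that cover the router fix the asker reports. The function names, the sample dump and its reqid/priority values are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not code from the original post or from OpenSwan itself.
# Expands a conn that uses leftsubnets={...} rightsubnets={...} into the
# per-pair child conns pluto instantiates (named CONN/<left>x<right>), then
# checks an `ip xfrm policy` dump for the out/in/fwd policies each pair needs.
# A pair with no policies on the OpenSwan host never negotiated, which is one
# reason "leftsubnets lists 10.0.0.0/24" does not by itself make a ping work.

# Print one line per (left, right) pair: "<conn>/<i>x<j> <left> <right>".
expand_pairs() {
    conn=$1; left_subnets=$2; right_subnets=$3
    i=0
    for l in $left_subnets; do
        i=$((i + 1)); j=0
        for r in $right_subnets; do
            j=$((j + 1))
            printf '%s/%dx%d %s %s\n' "$conn" "$i" "$j" "$l" "$r"
        done
    done
}

# Return 0 if the dump (text of `ip xfrm policy`) contains a policy whose
# selector is src -> dst in the wanted direction (out, in or fwd), else 1.
# xfrm prints "src A dst B" on one line and "dir X ..." on the next; the
# "tmpl src ... dst ..." line has "tmpl" in field 1, so it is not mistaken
# for a selector.
has_policy() {
    dump=$1; src=$2; dst=$3; want_dir=$4
    printf '%s\n' "$dump" | awk -v s="$src" -v d="$dst" -v w="$want_dir" '
        $1 == "src" && $2 == s && $3 == "dst" && $4 == d { pending = 1; next }
        $1 == "dir" { if (pending && $2 == w) found = 1; pending = 0; next }
        END { exit found ? 0 : 1 }'
}

# For every pair, report each missing policy as "<pair> <dir> <src> -> <dst>".
# Traffic leaving for the right subnet needs "out"; traffic arriving from the
# right subnet needs "in" (delivered locally) and "fwd" (forwarded onward,
# e.g. to 10.0.0.1 behind this host).
missing_policies() {
    dump=$1; conn=$2; left_subnets=$3; right_subnets=$4
    expand_pairs "$conn" "$left_subnets" "$right_subnets" |
    while read -r name l r; do
        has_policy "$dump" "$l" "$r" out || printf '%s out %s -> %s\n' "$name" "$l" "$r"
        for dir in in fwd; do
            has_policy "$dump" "$r" "$l" "$dir" || printf '%s %s %s -> %s\n' "$name" "$dir" "$r" "$l"
        done
    done
}

# Constructed sample dump (assumption, not captured from the poster's host):
# the 172.17.0.0/16 <-> 10.10.1.0/24 pair is up; the 10.0.0.0/24 <-> 10.10.1.0/24
# pair never negotiated, so none of its three policies exist.
SAMPLE_DUMP='src 172.17.0.0/16 dst 10.10.1.0/24
    dir out priority 2344 ptype main
    tmpl src 54.153.249.30 dst 115.70.193.138
        proto esp reqid 16385 mode tunnel
src 10.10.1.0/24 dst 172.17.0.0/16
    dir fwd priority 2344 ptype main
    tmpl src 115.70.193.138 dst 54.153.249.30
        proto esp reqid 16385 mode tunnel
src 10.10.1.0/24 dst 172.17.0.0/16
    dir in priority 2344 ptype main
    tmpl src 115.70.193.138 dst 54.153.249.30
        proto esp reqid 16385 mode tunnel'

# Check the conn from the post against the sample dump. On the real host,
# replace "$SAMPLE_DUMP" with "$(ip xfrm policy)" (run as root).
check_post_conn() {
    missing_policies "$SAMPLE_DUMP" ifly-pen "172.17.0.0/16 10.0.0.0/24" "10.10.1.0/24"
}

check_post_conn

# If every pair has its policies and a traceroute still dies right after
# 172.17.0.6, the fault is plain forwarding/routing, not IPsec:
#   sysctl net.ipv4.ip_forward        # must be 1
#   iptables -S FORWARD               # no DROP for 10.10.x.0/24 <-> 10.0.0.0/24
#   iptables -t nat -S                # no MASQUERADE/SNAT rewriting tunnel traffic
#   ip route get 10.0.0.1             # the next hop towards the 10.0.0.0/24 router
# and outside the host: source/dest check disabled on the instance, a VPC route
# for 10.10.1.0/24 and 10.10.3.0/24 pointing at the OpenSwan instance, and the
# 10.0.0.0/24 router routing and permitting those subnets back to 172.17.0.6
# (the router change the asker reports as the fix).
```

With the sample dump the script prints three lines, all for ifly-pen/2x1, which is exactly what a subnet pair the peer never agreed to looks like; `ipsec auto --status` on the host shows the same thing as a 2x1 instance without an established IPsec SA. An empty list means every selector is installed, and the rest of the diagnosis moves to the forwarding and return-route checks in the trailing comments.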