View previous topic :: View next topic |
Author |
Message |
Manu311 Tux's lil' helper
Joined: 17 Nov 2010 Posts: 128
|
Posted: Mon Aug 06, 2012 4:08 pm Post subject: vpnc routing table is missing the route to my router |
|
|
Hi,
I've been setting up vpnc which is working with one exception.
It creates a lot of routes but removes the needed route:
Code: | 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0 |
The route to the vpn-server is there - so it knows it should use my router - just that my router is not accessible.
I'm able to fix this by hand with the command:
Code: | route add -net 192.168.1.0 netmask 255.255.255.0 eth0 |
but seriously that can't be the way to do this.
Is there an option in vpnc that I've been missing?
Or should I simply upgrade to a newer (~amd64) version? I'm using vpnc-0.5.3 with (only) hybrid-auth flag |
|
Back to top |
|
|
tuber Apprentice
Joined: 12 Nov 2004 Posts: 267
|
Posted: Mon Aug 27, 2012 5:02 am Post subject: |
|
|
Did you modify /etc/vpnc/vpnc-script? I set the CISCO_SPLIT_INC* variables, and my local route is still there. At least I think so; my other end is not responding so I can't check. |
|
Back to top |
|
|
Manu311 Tux's lil' helper
Joined: 17 Nov 2010 Posts: 128
|
Posted: Mon Aug 27, 2012 10:03 am Post subject: |
|
|
no I didn't - but this looks like it overwrites the dhcp route (which may change from time to time) so I have to write every route by myself.
Could you show me your file if I am wrong? So I can use yours as example? |
|
Back to top |
|
|
tuber Apprentice
Joined: 12 Nov 2004 Posts: 267
|
Posted: Sun Sep 02, 2012 3:36 am Post subject: |
|
|
Here's the relevant portion: Code: | # =========== script (variable) setup ====================================
CISCO_DEF_DOMAIN=mycompany.com
CISCO_SPLIT_INC=1
CISCO_SPLIT_INC_0_ADDR=172.16.0.0
CISCO_SPLIT_INC_0_MASK=255.255.0.0
CISCO_SPLIT_INC_0_MASKLEN=16 | Here's my set up before running vpnc: Code: |
:[ 1043/0 ]:0-> $ /sbin/route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 2003 0 0 wlan0
127.0.0.0 127.0.0.1 255.0.0.0 UG 0 0 0 lo
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0
:[ 1044/0 ]:0-> $ cat /etc/resolv.conf
# Generated by net-scripts for interface wlan0
nameserver 192.168.0.1 | and after: Code: |
:[ 1045/0 ]:0-> $ /sbin/route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.0.1 0.0.0.0 UG 2003 0 0 wlan0
172.16.0.0 0.0.0.0 255.255.0.0 U 0 0 0 tun0
172.16.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
172.16.0.2 0.0.0.0 255.255.255.255 UH 0 0 0 tun0
127.0.0.0 127.0.0.1 255.0.0.0 UG 0 0 0 lo
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 wlan0
:[ 1046/0 ]:0-> $ cat /etc/resolv.conf
#@VPNC_GENERATED@ -- this file is generated by vpnc
# and will be overwritten by vpnc
# as long as the above mark is intact
# Generated by net-scripts for interface wlan0
nameserver 172.16.0.1
nameserver 172.16.0.2
search mycompany.com
|
|
|
Back to top |
|
|
Manu311 Tux's lil' helper
Joined: 17 Nov 2010 Posts: 128
|
Posted: Sun Sep 02, 2012 3:53 am Post subject: |
|
|
Actually I recently discovered there is an other command which "solves" my problem:
Code: | route del -net 192.168.1.0 netmask 255.255.255.0 tun0 |
because vpnc seems to CREATE a route to my local network via vpnc. This is definitly not because the server is redirecting those ips - the network there actually has 10.x.x.x or 192.168.10.x ips.
I'm not sure if this was the case earlier - but anyways, we're changing the vpn programs at work so I wont need vpnc anymore. I just thought this should be "fixed" somewhere, as long as it "is" my fault it doesn't matter, but I doubt that it is.
I haven't tried your fix tuber, but thanks for posting it - I just don't see how this could actually fix it.
It looks like you became 172.16.0.x added even thought you haven't added them in your configfile. |
|
Back to top |
|
|
|