Please help..
Using a RouterBoard 1200 firmware 3.1 and packages 6.28
I have set-up a IPsec tunnel between an external network and my intern network. The tunnel built perfect and traffic is going fine but not exactly:
The IPsec policy is from 10.14.1.128/25 to 10.0.0.0/11
People from 10.0.0.0/11 are able to ping and to connect to web sites on the local 10.14.1.128/25 subnet
BUT:
from the router interface which has an IP address 10.14.1.252/25 I can’t ping my server on that subnet. These servers have 10.14.1.252 as default gateway and 255.255.255.128 as mask but cannot ping the gateway.
When I log what happen while pinging one of my server from the 10.14.1.252 I see that the packet is going direction the IPsec tunnel to the other side and for sure it is not what it should do. It should go directly to the local interface.
I check the routes tables and everything look ok…
BTW, I have other interface which have 10.0.4.252/24 and 10.0.5.252/24 and here, I do not have any trouble to ping the servers on these class C.
SO my question: do I need to make a class C (10.14.1.252/24) on place of 10.14.1.252/25 to be able to route correctly?
Help will be really welcome as I can’t find it after trying for two days a lot of combination.
René