Hi
So I have a linux box acting as my DGW and border into the internet
eth0 = internet
eth1 = lan
eth2 = wlan
On the wlan I have 2 APs.
Hanging off the wifi I have 1 routeros box. It acts as a client and I have bridged the wlan2 interface into a bridge with the local lan ports.
I have connected tv, amp and mac to it. That works okay; I can ping from the LAN into the tv, mac, amp.
What I have also done is create an IPSEC s2s vpn using IPSEC-nat-t to another routeros box (except it's the DGW). From my routeros box (ros1) I can ping across the ipsec tunnel - works well. Let's say for the tunnel it's
10.10.8.0/22 on my side and 10.10.12.0/22 on the other side
So on my linux firewall / router I add a route
10.10.12.0/22 via 10.10.10.10 (ip address on ros1 bridge interface).
When I go to ping from my linux box to 10.10.12.1 it fails. I see packets leave the linux box and appear on wlan2 interface - but not on the bridge interface? So it doesn't get routed back through the ipsec tunnel.
Now the only interesting thing is the IPSEC path back is over wlan2.
So I tried another test. On the bridge interface I added 10.1.1.1/32, I added the route 10.1.1.1/32 via 10.10.10.10 on the linux box, and again the packet hits the wifi. I can see it on wlan2 interface, but not on the bridge interface, so the ping fails!
What can I do to fix this?