dominicbatty
Frequent Visitor
Topic Author
Posts: 91
Joined: Wed Jul 07, 2010 12:26 pm

Routing Issue with IPSEC L2TP

Tue Apr 26, 2011 11:40 am

Hi, I was wondering if someone could explain the following behaviour and why it might be happening.

2x internet interfaces I-1 and I-2
L2TP IPSEC VPN from remote sites connecting into I-2
Remote site ip address is R-1

1. If I set the default route for the router to gateway=I-2, then the incoming connections from the remote site work fine, so the basic VPN configuration is all ok.

2. If I set the default route to gateway=I-1 but I put a specific route in for R-1 to go through gateway=I-2 then this also works ok.

3. If I leave the default gateway=I-1 and instead of adding a specific route for R-1, I mark traffic in the OUTPUT mangle chain with a routing mark of "Route-2", and I then add a route for routing-mark "Route-2" and tell it to use gateway I-2, then the VPN will never connect.

It is as though IPSEC traffic is somehow excluded or ignored in the mangle rules for routing, which is odd as these same mangle rules catch other traffic leaving the router without any problems.

Any help or advice would be greatly appreciated.
