Red Hat Networking - Source Based Routing maybe - 1 Box, 2 Links, 1 Destination, need 2 Tunnels

Author

Source Based Routing maybe - 1 Box, 2 Links, 1 Destination, need 2 Tunnels

James

2004-01-23, 7:34 pm

Hi,

Running Redhat 7.3 with 2.4.20-18.7, rpm install of compiled kernel
(can install source and compile if necessary).

Configuration.

Linux Box has

LAN 10.0.20.0/24 & 10.0.21.0/24
Linux eth0 IP's of 10.0.20.254 & 10.0.21.254

/dev/ttyS4 128K ISDN#1 internet static ip xxx.yyy.zzz.212
/dev/ttyS5 128K ISDN#2 internet static ip xxx.yyy.zzz.214

ISDN#1 is currently default GW to Internet

Unfortunately both links have the same gw address at the ISP.

Remote Site is VPN Router, supports PPTP, L2TP, IPSEC (Linux based
router)

WAN Interface 1.5Mb ADSL Link internet static ip aaa.bbb.zzz.10

LAN 10.0.254.0/24 & 10.0.253.0/24
Router IP's of 10.0.254.254 & 10.0.253.254

Situation.

I need to run 2 tunnels from the Linux Box to the Remote Router.

Tunnel#1

ISDN#1 -> Remote routing 10.0.20.0/24 -> 10.0.254.0/24

Tunnel#2

ISDN#2 -> Remote routing 10.0.21.0/24 -> 10.0.253.0/24

Problem.

I was trying to avoid Source Based routing but that maybe a pipe
dream, initially the configuration was as followings.

PPTP VPN from ISDN#1 to Router with static routes for subnets works
fine.

Tried to have the Router create a PPTP VPN to ISDN#2 and use static
routes, which would have worked fine, but when the Router connects to
ISDN#2 and tries to authenticate it receives reply packets down ISDN#1
and authentification fails.

I'm not at expert on IPSEC but could it be feasible to create IPSEC
based tunnels using Source based routing?

Linux
Packet from 10.0.20.0/24 gw ISDN#1 -> aaa.bbb.ccc.10
Packet from 10.0.21.0/24 gw ISDN#2 -> aaa.bbb.ccc.10

Router
Packet from 10.0.254.0/24 gw ADSL -> xxx.yyy.zzz.212
Packet from 10.0.253.0/24 gw ADSL -> xxx.yyy.zzz.214

Or is there a better solution? Any help would be very much
appreciated.

James