Thanks for the feedback. I need to bypass the firewall as it's blocking the traffic (I think), as no packets are received on the tun interface of the remote server when I ping 10.30.7.100 from 192.168.1.2. If I try to force the internal traffic by adding a route for the internal network, i.e. 192.168.1.0, through the tunnel, ping doesn't work.

Yes, the tunnel is up with no errors; Initialization Sequence is done. Yes, from 192.168.1.2 I can ping successfully to 10.8.0.6 (tun interface of the remote server) and vice versa (when I ping 10.8.0.1 from 10.30.7.100).

As said, I want to communicate from 192.168.1.2 to the remote server (10.30.7.100) without passing through NAT (firewall), because the software I'm installing on the remote server requires no NAT communication. Is there a way that this can be done? Which IP should I assign the software so that it communicates through the tunnel, the physical NIC or the virtual tun one? Maybe it's the concept I'm missing?

>>> Erich Titl <erich.titl@xxxxxxxx> 05/07/2007 18:03 >>>
Peter Njiiri wrote:
> The application to be installed on the client server (10.30.7.9)
> requires that no NAT-ing be done thus need the tunnel to work to prevent
> any NAT by the PIX. Is there a route I can add to bypass the firewall.
> Can an alternative route or iptables rule be added to force all data
> from 192.168.1.2 to 10.30.7.100? Is there something I've
> missed? Feedback will be appreciated. Thanks
You did not tell us if the tunnel actually comes up. Once the tunnel is
established you can contact the client through its _tunnel_ interface.