all
I have established a VPN between the two places (A to B).
However, it is now only possible to ping B's intranet IP from A.
I cannot ping A's intranet IP from B.
A's intranet IP is 172.27.7.254; B's intranet IP is 10.76.15.254
B's routing table is as follows:
[root@B ~]# ip route list table 220
172.27.7.0/24 via 144.34.160.1 dev eth0 proto static src 10.76.15.254
10.76.12.0/22 dev eth1 proto static src 10.76.15.254
B.B.160.0/19 dev eth0 proto static src B.B.188.145
B's iptables rules are as follows:
[root@B ~]# iptables -nvL
Chain INPUT (policy DROP 4913 packets, 1583K bytes)
pkts bytes target prot opt in out source destination
457 37530 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:53
436 63056 ACCEPT esp -- eth0 * 0.0.0.0/0 0.0.0.0/0
61405 11M ACCEPT udp -- eth0 * 0.0.0.0/0 0.0.0.0/0 multiport dports 500,4500
14 2400 ACCEPT tcp -- * * 172.27.7.0/24 0.0.0.0/0 tcp dpt:22
6514 32400 ACCEPT tcp -- * * 10.76.15.0/24 0.0.0.0/0 tcp dpt:22
6636 2018K ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- eth0 * 172.27.7.0/24 10.76.15.254 policy match dir in pol ipsec reqid 10 proto 50
0 0 ACCEPT all -- * eth0 10.76.15.254 172.27.7.0/24 policy match dir out pol ipsec reqid 10 proto 50
280 39488 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
[root@B ~]#
[root@B ~]# iptables -nvL -t nat
Chain POSTROUTING (policy ACCEPT 528 packets, 36588 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 policy match dir out pol ipsec
6 504 SNAT all -- * * 10.76.12.0/22 0.0.0.0/0 to:B.B.188.145
Others are not set and are ACCEPT
Thanks for your reply.