diff --git a/roles/post/files/interfaces.r-vp1 b/roles/post/files/interfaces.r-vp1
index ac0a8fa..ce75e55 100644
--- a/roles/post/files/interfaces.r-vp1
+++ b/roles/post/files/interfaces.r-vp1
@@ -1,6 +1,5 @@
 # This file describes the network interfaces available on your system
 # and how to activate them. For more information, see interfaces(5).
-
 # The loopback network interface
 #auto lo
 #iface lo inet loopback
@@ -22,8 +21,11 @@ allow-hotplug enp0s9
 iface enp0s9 inet static
 address 192.168.1.2
 netmask 255.255.255.0
- up route add -net 172.16.128.0/24 gw 192.168.1.2
+ post-up ip route add 172.16.128.0/24 via 192.168.1.2
+ post-up ip route add 172.16.0.0/24 via 192.168.1.1
+ post-up ip route add 192.168.200.0/24 via 192.168.1.1
+
 # up route add -net 172.16.128.0/24 gw 192.168.0.52
 # up route add default gw 192.168.1.1
 # post-up /bin/bash /root/iptables-vpn
- post-up /etc/init.d/ipsec restart
\ No newline at end of file
+ post-up /etc/init.d/ipsec restart
diff --git a/roles/post/files/interfaces.r-vp2 b/roles/post/files/interfaces.r-vp2
index 6398c63..233bf5b 100644
--- a/roles/post/files/interfaces.r-vp2
+++ b/roles/post/files/interfaces.r-vp2
@@ -1,6 +1,5 @@
 # This file describes the network interfaces available on your system
 # and how to activate them. For more information, see interfaces(5).
-
 # The loopback network interface
 #auto lo
 #iface lo inet loopback
@@ -22,7 +21,9 @@ allow-hotplug enp0s9
 iface enp0s9 inet static
 address 192.168.0.52
 netmask 255.255.255.0
-# up route add -net 192.168.1.0/24 gw 172.16.128.254
- up route add -net 192.168.1.0/24 gw 192.168.0.52
+ post-up ip route add 192.168.1.0/24 via 172.16.128.254/24
+ post-up ip route add 172.16.0.0/24 via 172.16.128.254/24
+
+# up route add -net 192.168.1.0/24 gw 192.168.0.52
 # post-up /bin/bash /root/iptables-vpn
- post-up /etc/init.d/ipsec restart
\ No newline at end of file
+ post-up /etc/init.d/ipsec restart
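Review bot: The three added `post-up ip route add …` lines in interfaces.r-vp1 are not idempotent: `ip route add` exits non-zero when the route already exists, and interfaces(5) describes a failing post-up command as aborting ifup, so the later `post-up /etc/init.d/ipsec restart` would be skipped and the tunnel left in whatever state it was in. `ip route replace` succeeds whether or not the route is present, e.g. `post-up ip route replace 172.16.128.0/24 via 192.168.1.2`; the same applies to the two added routes in interfaces.r-vp2. The first route's next hop is the address configured on this same stanza (`address 192.168.1.2`), which deserves a one-line comment such as `# next hop is our own address on purpose: <reason>` if it is intentional. The `iface enp0s9` stanza starts above the hunk.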
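Review bot: Both added routes in interfaces.r-vp2 give the next hop with a prefix length, `via 172.16.128.254/24`; `via` takes a bare address, so iproute2 is expected to reject these commands and neither route gets installed. Drop the suffix: `post-up ip route add 192.168.1.0/24 via 172.16.128.254` and `post-up ip route add 172.16.0.0/24 via 172.16.128.254`. Because these lines run before `post-up /etc/init.d/ipsec restart`, a failure here can also keep the IPsec restart from running when enp0s9 comes up. The gateway 172.16.128.254 lies outside this stanza's 192.168.0.52/255.255.255.0 network, so it presumably sits behind another interface that must already be up at that point; that is not visible in the hunk.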
diff --git a/roles/vpn-stg-l/files/ipsec.conf b/roles/vpn-stg-l/files/ipsec.conf
index 42954c2..52b3446 100644
--- a/roles/vpn-stg-l/files/ipsec.conf
+++ b/roles/vpn-stg-l/files/ipsec.conf
@@ -7,7 +7,7 @@ conn tunnel
 # left=192.168.0.52
 leftsubnet=172.16.128.0/24
 right=192.168.0.51
- rightsubnet=192.168.0.0/16, 172.16.0.0/24
+ rightsubnet=192.168.1.0/24, 192.168.200.0/24, 172.16.0.0/24
 ike=aes256-sha2_256-modp1024!
 esp=aes256-sha2_256!
 keyingtries=0
diff --git a/roles/vpn-stg-r/files/ipsec.conf b/roles/vpn-stg-r/files/ipsec.conf
index 9f3e471..28d06fd 100644
--- a/roles/vpn-stg-r/files/ipsec.conf
+++ b/roles/vpn-stg-r/files/ipsec.conf
@@ -5,7 +5,7 @@ config setup
 conn %default
 conn tunnel
 # left=192.168.0.51
- leftsubnet=192.168.0.0/16, 172.16.0.0/24
+ leftsubnet=192.168.1.0/24, 192.168.200.0/24, 172.16.0.0/24
 right=192.168.0.52
 rightsubnet=172.16.128.0/24
 ike=aes256-sha2_256-modp1024!
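Review bot: The `ike=aes256-sha2_256-modp1024!` line directly below the edited selector, in both vpn-stg-l and vpn-stg-r, pins IKE to the 1024-bit MODP group, and the trailing `!` forbids negotiating anything else; 1024-bit finite-field DH is below current recommendations and is the weakest part of an otherwise AES-256/SHA-256 proposal. Since both peers are edited together in this commit, it is a good moment to move both to a stronger group, e.g. `ike=aes256-sha2_256-modp2048!`. The vpn-stg-l hunk also shows `esp=aes256-sha2_256!` with no DH group, which (if this is strongSwan, as the `!` syntax suggests) means rekeyed child SAs get no fresh key exchange; `esp=aes256-sha2_256-modp2048!` would add PFS. The narrowed subnets themselves mirror each other correctly on the two sides.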