Ajustement des routes dans /etc/network/interfaces + correction de la syntaxe

2021-01-26 15:43:27 +01:00 · 2021-01-26 15:43:27 +01:00 · 7c6851eabc
commit 7c6851eabc
parent 6dd2d19fc8
4 changed files with 12 additions and 9 deletions
--- a/roles/post/files/interfaces.r-vp1
+++ b/roles/post/files/interfaces.r-vp1
@ -1,6 +1,5 @@
 # This file describes the network interfaces available on your system
 # and how to activate them. For more information, see interfaces(5).
-
 # The loopback network interface
 #auto lo
 #iface lo inet loopback
@ -22,8 +21,11 @@ allow-hotplug enp0s9
 iface enp0s9 inet static
 	address 192.168.1.2
 	netmask 255.255.255.0
-	up route add -net 172.16.128.0/24 gw 192.168.1.2
+	post-up ip route add 172.16.128.0/24 via 192.168.1.2
+	post-up ip route add 172.16.0.0/24 via 192.168.1.1
+	post-up ip route add 192.168.200.0/24 via 192.168.1.1
+
 #	up route add -net 172.16.128.0/24 gw 192.168.0.52
 #	up route add default gw 192.168.1.1
 #	post-up /bin/bash /root/iptables-vpn
-	post-up /etc/init.d/ipsec restart
+	post-up /etc/init.d/ipsec restart
--- a/roles/post/files/interfaces.r-vp2
+++ b/roles/post/files/interfaces.r-vp2
@ -1,6 +1,5 @@
 # This file describes the network interfaces available on your system
 # and how to activate them. For more information, see interfaces(5).
-
 # The loopback network interface
 #auto lo
 #iface lo inet loopback
@ -22,7 +21,9 @@ allow-hotplug enp0s9
 iface enp0s9 inet static
 	address 192.168.0.52
 	netmask 255.255.255.0
-#	up route add -net 192.168.1.0/24 gw 172.16.128.254
-	up route add -net 192.168.1.0/24 gw 192.168.0.52
+	post-up ip route add 192.168.1.0/24 via 172.16.128.254/24
+	post-up ip route add 172.16.0.0/24 via 172.16.128.254/24
+
+#	up route add -net 192.168.1.0/24 gw 192.168.0.52
 #	post-up /bin/bash /root/iptables-vpn
-	post-up /etc/init.d/ipsec restart
+	post-up /etc/init.d/ipsec restart
--- a/roles/vpn-stg-l/files/ipsec.conf
+++ b/roles/vpn-stg-l/files/ipsec.conf
@ -7,7 +7,7 @@ conn tunnel #
        left=192.168.0.52
        leftsubnet=172.16.128.0/24
        right=192.168.0.51
-        rightsubnet=192.168.0.0/16, 172.16.0.0/24
+        rightsubnet=192.168.1.0/24, 192.168.200.0/24, 172.16.0.0/24
        ike=aes256-sha2_256-modp1024!
        esp=aes256-sha2_256!
        keyingtries=0
--- a/roles/vpn-stg-r/files/ipsec.conf
+++ b/roles/vpn-stg-r/files/ipsec.conf
@ -5,7 +5,7 @@ config setup
 conn %default
 conn tunnel #
        left=192.168.0.51
-        leftsubnet=192.168.0.0/16, 172.16.0.0/24
+        leftsubnet=192.168.1.0/24, 192.168.200.0/24, 172.16.0.0/24
        right=192.168.0.52
        rightsubnet=172.16.128.0/24
        ike=aes256-sha2_256-modp1024!