<div>Thanks Peter, I already have a succesful VPN connection with Linux OpenSWAN & Linksys BEFSX41 router using the configuration you listed below, linksys has similar settings. However, I'm not sure if its okey with you guys to ask the question how can I route the trafic in Linux, I was testing with routes and iptables but im not that good with Linux routing.
</div>
<div> </div>
<div>Regards,</div>
<div> </div>
<div>Richard<br><br></div>
<div class="gmail_quote">On Jan 21, 2008 10:45 PM, Peter McGill <<a href="mailto:petermcgill@goco.net">petermcgill@goco.net</a>> wrote:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div>
<div dir="ltr" align="left"><span><font face="Arial" color="#0000ff" size="2">To have traffic flow to/from <a href="http://192.168.8.0/24" target="_blank">192.168.8.0/24</a> and <a href="http://192.168.2.0/24" target="_blank">
192.168.2.0/24</a> you need to have subnets in openswan for them.</font></span></div>
<div dir="ltr" align="left"><span><font face="Arial" color="#0000ff" size="2">ie)</font></span></div>
<div dir="ltr" align="left"><span><font face="Arial" color="#0000ff" size="2"></font></span> </div>
<div dir="ltr" align="left"><span><font face="Arial" color="#0000ff" size="2">conn <whatever you have></font></span></div>
<div dir="ltr" align="left"><span> <font face="Arial" color="#0000ff" size="2">leftsubnet=<a href="http://172.168.8.0/24" target="_blank">172.168.8.0/24</a></font></span></div>
<div dir="ltr" align="left"><span> <font face="Arial" color="#0000ff" size="2">leftsourceip=<a href="http://172.168.8.110/" target="_blank">172.168.8.110</a></font></span></div>
<div dir="ltr" align="left"><span> <font face="Arial" color="#0000ff" size="2">rightsubnet=<a href="http://192.168.2.0/24" target="_blank">192.168.2.0/24</a></font></span></div>
<div dir="ltr" align="left"><span><font face="Arial" color="#0000ff" size="2"></font></span> </div>
<div dir="ltr" align="left"><span><font face="Arial" color="#0000ff" size="2">Don't know the linksys settings to match this, but the linksys will also need the left/right subnets set in the ipsec settings.</font></span>
</div>
<div dir="ltr" align="left"><span><font face="Arial" color="#0000ff" size="2"></font></span> </div>
<div dir="ltr" align="left"><span><font face="Arial" color="#0000ff" size="2">Also, the hosts in <a href="http://172.168.8.0/24" target="_blank">172.168.8.0/24</a> will need to know to route traffic for <a href="http://192.168.2.0/24" target="_blank">
192.168.2.0/24</a> to <a href="http://172.168.8.110/" target="_blank">172.168.8.110</a>, either by having</font></span></div>
<div dir="ltr" align="left"><span><font face="Arial" color="#0000ff" size="2"><a href="http://172.168.8.110/" target="_blank">172.168.8.110</a> as the default gateway for the subnet or by putting a static route on the default gateway to forward traffic
</font></span></div>
<div dir="ltr" align="left"><span><font face="Arial" color="#0000ff" size="2">for <a href="http://192.168.2.0/24" target="_blank">192.168.2.0/24</a> to <a href="http://172.168.8.110/" target="_blank">172.168.8.110</a>.</font>
</span></div>
<div dir="ltr" align="left"><span><font face="Arial" color="#0000ff" size="2"></font></span> </div>
<div><font face="Arial" color="#0000ff" size="2"></font> </div>
<div align="left"><font face="Arial" size="2">Peter McGill</font></div>
<div> </div><br>
<blockquote dir="ltr" style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #0000ff 2px solid; MARGIN-RIGHT: 0px">
<div lang="en-us" dir="ltr" align="left">
<hr>
<font face="Tahoma" size="2"><b>From:</b> <a href="mailto:users-bounces@openswan.org" target="_blank">users-bounces@openswan.org</a> [mailto:<a href="mailto:users-bounces@openswan.org" target="_blank">users-bounces@openswan.org
</a>] <b>On Behalf Of </b>richard garcia<br><b>Sent:</b> January 19, 2008 10:16 AM<br><b>To:</b> <a href="mailto:users@openswan.org" target="_blank">users@openswan.org</a><br><b>Subject:</b> [Openswan Users] Openswan & Linksys BEFSX41 VPN Router
<br></font><br></div>
<div>
<div></div>
<div class="Wj3C7c">
<div></div>
<div>Hi, I'm new to openswan, I was able to establish a connection using Ubuntu Openswan and a Linksys BEFSX41 VPN Router. Below is the layout of the setup</div>
<div> </div>
<div> <a href="http://192.168.1.10/" target="_blank">192.168.1.10</a> WAN <a href="http://192.168.1.12/" target="_blank">192.168.1.12</a></div>
<div> <a href="http://172.168.8.110/24" target="_blank">172.168.8.110/24</a></div>
<div><a href="http://172.168.8.3/24" target="_blank">172.168.8.3/24</a> -----------------------> OPENSWAN -------------------------> BEFSX41 ---------------------------------> <a href="http://192.168.2.2/24" target="_blank">
192.168.2.2/24 </a>(Windows)</div>
<div> </div>
<div>From <a href="http://192.168.2.2/" target="_blank">192.168.2.2</a>, I can ping <a href="http://172.168.8.110/" target="_blank">172.168.8.110</a>. However I need to connect to <a href="http://172.168.8.3/" target="_blank">
172.168.8.3</a>, ping to this host is request timeout. From <a href="http://172.168.8.110/" target="_blank">172.168.8.110</a>, cannot ping any pcs in <a href="http://192.168.2.2/" target="_blank">192.168.2.2</a>.</div>
<div>Im not very good at iptables and routing in Linux, can anyone help me?</div>
<div> </div>
<div>Regards,</div>
<div> </div>
<div>splender99</div></div></div></blockquote></div></blockquote></div><br>