I have been fighting through this setup for more than a week now and I'm at a brick wall.

My setup:

my.ip-----------1.1.1.1(sonicwall)========[192.168.1.0/24
                                          [--------[192.168.1.1(router)192.168.2.1]----------192.168.2.0/24

I am connected to the internet over an aircard using Ubuntu, so no NAT'ing is in the way on my end. I need to establish a tunnel from my machine to the sonicwall to gain access to the 192.168.1.0 AND 192.168.2.0 networks. I am using XAUTH on the Sonicwall and it has NAT traverse enabled. I can successfully authenticate and connect to the 192.168.1.0 network and I can ping 192.168.1.1. I can also ping 192.168.2.1 (other interface on the router) but I cannot ping any other IPs on the 2.0 network. This connection is using the GroupVPN SA on the Standard OS Sonicwall. How do I configure this?

Here's my ipsec.conf config:

config setup

conn block
    auto=ignore
conn private
    auto=ignore
conn private-or-clear
    auto=ignore
conn clear-or-private
    auto=ignore
conn clear
    auto=ignore
conn packetdefault
    auto=ignore

conn net1
    left=my.ip
    leftid=@home
    leftxauthclient=yes
    right=ip.sonicwall (internet)
    rightsubnet=192.168.1.0/24
    rightxauthserver=yes
    rightid=@sonicwall identifier
    <snip auth lines>

conn net2
    left=my.ip
    leftid=@home
    leftxauthclient=yes
    right=ip.sonicwall (internet)
    rightsubnet=192.168.2.0
    rightxauthserver=yes
    rightid=@sonicwall identifier
    <snip auth lines>

I've read through countless mailing lists and google links and the openswan wiki, but I cannot figure out how to get this working. It has to be a routing issue but I am still unfamiliar with ipsec so I am unsure of what to change.

ANY assistance would be great!!

I would also like to know what, if anything, would need to change for me to connect this tunnel when my machine (laptop) is behind a firewall, too.