Ok, I will clearify the the setup. I have an UMTS modem, which will receive a new IP adres every 24 hours. This modem is connected to a gateway machine. Berhind the gateway machine there are 2 other PC's. The gateway has IP addres 10.0.1.1, de PC's have 10.0.1.10 and 10.0.1.11. For both PC's the default gateway is 10.0.1.1. Besides that, I have one central machine where the roadwarrior network should connect to. <br>
<br>From the central server I can ping to 10.0.1.11 for example, I see esp packages when using tcpdump. when I ping from 10.0.1.1 to the central server, I see plain ICMP packages. <br><br>The default gateway on the roadwarrior gateway is set to the gateway of the provider. <br>
<br>Bram<br><br><div class="gmail_quote">On Tue, Apr 21, 2009 at 2:07 AM, Paul Wouters <span dir="ltr"><<a href="mailto:paul@xelerance.com">paul@xelerance.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="im">On Mon, 20 Apr 2009, Bram H wrote:<br>
<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
I have a sort of working roadwarrior setup. I used <a href="http://www.natecarlson.com/linux/ipsec-x509.php" target="_blank">http://www.natecarlson.com/linux/ipsec-x509.php</a> to get it working (a few errors in the<br>
document). My roadwarrior consists of multiple PC's in a network, the gateway on that network connects to a central server. Both gateway<br>
and server are running openswan. So it must be possible to access the server from the pc's in the roadwarrior network and to access all of<br>
the PC's from the server.<br>
</blockquote>
<br></div>
Not sure I understand the setup.....<div class="im"><br>
<br>
<blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Well, it works one way. I can connect to all of the client PC's from the server. With TCPDUMP I see esp packages traveling trough the<br>
network. But when I ping the server from one of the clients the traffic is just plain, it used the normal internet connection and not the<br>
tunnel.<br>
</blockquote>
<br></div>
If the clients are using a default gateway that is not the openswan box, then<br>
you would see this. You would either need to add a route on the gateway to<br>
the openswan box, or add a route on the clients to the openswan box.<br><font color="#888888">
<br>
Paul<br>
</font></blockquote></div><br>