<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content="text/html; charset=iso-8859-1" http-equiv=Content-Type>
<META name=GENERATOR content="MSHTML 8.00.6001.19394">
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT color=#0000ff size=2 face=Verdana>
<DIV><FONT color=#0000ff size=2 face=Verdana>Dear Sirs,</FONT></DIV>
<DIV><FONT color=#0000ff size=2 face=Verdana></FONT> </DIV>
<DIV><FONT color=#0000ff size=2 face=Verdana>My test environment is
openswan 2.6.38 with embedded linux as below.</FONT></DIV>
<DIV><FONT color=#0000ff size=2 face=Verdana>192.168.1.x---------test1(openswan
172.17.21.80)-----------test2(openswan
172.17.21.81)--------192.168.2.x</FONT></DIV>
<DIV><FONT color=#0000ff size=2 face=Verdana></FONT> </DIV>
<DIV><FONT color=#0000ff size=2 face=Verdana>I would like to let all package
traffic pass through the VPN tunnel from test2 to test1.So my configuration are
as below.It did not work.</FONT></DIV>
<DIV>Could someone share his experience?Do I have any problem on my
configuration?thank's a lot.</DIV>
<DIV> </DIV>
<DIV>
<DIV><FONT color=#0000ff size=2 face=Verdana>Configuration for
test2=========================================</FONT></DIV>
<DIV><FONT color=#0000ff size=2 face=Verdana>config
setup<BR>
nat_traversal=no<BR>
oe=off<BR>
protostack=netkey<BR>
interfaces=%defaultroute</FONT></DIV>
<DIV> </DIV>
<DIV><FONT color=#0000ff size=2 face=Verdana>conn
test<BR>
left=172.17.21.81<BR>
leftsubnet=192.168.2.0/24<BR>
rightsubnet=0.0.0.0/0<BR>
connaddrfamily=ipv4<BR>
right=172.17.21.80<BR>
keyexchange=ike<BR>
ike=3des-md5;modp1024!<BR>
salifetime=480m<BR>
phase2=esp<BR>
phase2alg=3des-hmac_md5!;modp1024<BR>
pfs=yes<BR>
ikelifetime=60m<BR>
type=tunnel<BR>
authby=secret<BR>
auto=add</FONT></DIV>
<DIV> </DIV>
<DIV><FONT color=#0000ff size=2 face=Verdana>conn
passthr<BR>
left=172.17.21.81<BR>
right=0.0.0.0<BR>
leftsubnet=192.168.2.0/24<BR>
rightsubnet=192.168.2.0/24<BR>
type=passthrough<BR>
authby=never<BR>
auto=route<BR></FONT><FONT color=#0000ff size=2 face=Verdana><FONT color=#0000ff
size=2 face=Verdana><STRONG><FONT color=#ff0000>command</FONT></STRONG> ==>
ipsec setup start --> ipsec auto --up test -> ipsec auto --route
passthr<BR></FONT></FONT></DIV>
<DIV><FONT color=#0000ff size=2 face=Verdana><FONT color=#0000ff size=2
face=Verdana></FONT></FONT> </DIV>
<DIV><FONT color=#0000ff size=2 face=Verdana><FONT color=#0000ff size=2
face=Verdana></FONT></FONT> </DIV>
<DIV><FONT color=#0000ff size=2 face=Verdana><FONT color=#0000ff size=2
face=Verdana>Configuration for
test1=========================================</FONT></DIV></DIV>
<DIV>
<DIV><FONT color=#0000ff size=2 face=Verdana>
<DIV><FONT color=#0000ff size=2 face=Verdana>config
setup<BR>
nat_traversal=no<BR>
oe=off<BR>
protostack=netkey<BR>
interfaces=%defaultroute</FONT></DIV>
<DIV> </DIV>
<DIV><FONT color=#0000ff size=2 face=Verdana>conn
test<BR>
left=172.17.21.80<BR>
leftsubnet=192.168.1.0/24<BR>
rightsubnet=192.168.2.0/24<BR>
connaddrfamily=ipv4<BR>
right=172.17.21.81<BR>
keyexchange=ike<BR>
ike=3des-md5;modp1024!<BR>
salifetime=480m<BR>
phase2=esp<BR>
phase2alg=3des-hmac_md5!;modp1024<BR>
pfs=yes<BR>
ikelifetime=60m<BR>
type=tunnel<BR>
authby=secret<BR>
auto=add</FONT></DIV>
<DIV> </DIV>
<DIV><FONT color=#0000ff size=2 face=Verdana><STRONG><FONT
color=#ff0000>command</FONT></STRONG> ==> ipsec setup start --> ipsec auto
--up test</FONT></DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV></FONT></FONT><FONT color=#0000ff size=2 face=Verdana>Best
Regards,</FONT></DIV></DIV></DIV>
<DIV><FONT color=#0000ff size=2
face=Verdana>Ozai</FONT></FONT></DIV></DIV></BODY></HTML>