[Openswan dev] Openswan 2.4.0 virtual_private problems

Paul Wouters paul at xelerance.com
Mon Sep 19 21:21:01 CEST 2005


On Mon, 19 Sep 2005, Dmitriy wrote:

> Really IPSEC connection is established between openswan server and EXTERNAL 
> ip of NAT router.

Yes, that is how things should be.

> However if somebody will connect not to external interface of openswan 
> server, openswan will create wrong route on this internal interface to 
> somebody ip.

what do you mean with 'connecting'? Openswan only changes routing if a
new IPsec tunnel is created. So I assume you are trying to have a setup
where you can connect to the Openswan server using IPsec from the inside
as well as the outside of the network?

> So currently i do not understand how virtual_private works.

I really do not know what you are trying to do. Perhaps posting parts of
your ipesc.conf will help me understand it.

Paul


More information about the Dev mailing list