[Openswan dev] [Openswan Users] Windows XP (lsipsectool) - Debian connection Problem

Paul Wouters paul at xelerance.com
Thu Jul 26 10:57:52 EDT 2007


On Thu, 26 Jul 2007, Dharmesh Chauhan wrote:

> conn nettwo
>         left=10.10.136.90
>         leftsubnet=192.168.1.0/24
>         right=10.10.136.10
>          rightsubnet=192.168.1.0/24

You cannot do this. A subnet cannot live at two places at once.

> These configurations established the connection but I could get desired pings only after adding routing table entry in Windows XP side with the command

Well, tell me. Where should pings for 192.168.1.1 go to? Your connection
claims that network lives behind the left gateway AND behind the right gateway.

I am surprised openswan allows this configuration. Perhaps we should ensure
such connections are rejected in the future. Michael?

Paul


More information about the Dev mailing list