[Openswan Users] AW: Openswan client with virtual IP - howto?

Andreas Kemper kem at comnets.rwth-aachen.de
Thu Apr 1 08:55:59 CEST 2004


Trevor Benson wrote:
>> Hi,
>> 
>> maybe the solution is quite simple, but right now I couldn't find an
>> answer to this question. Can anyone give me an example, on how I can
>> assign a virtual IP or kind of interface to the client, if it is also
>> an
> openswan
>> box?
>> 
>> Thx,
>> Andreas
> 
> Do you mean give it an address from the network it is
> connecting to? If so then you could run an l2tp server and
> client.  If you mean something else I am confused what you mean by
> 'virtual ip'. 
> 
> Trevor

Hi,

no, the situation is a bit different. 

Currently the configuration includes an openswan gateway, providing client
addresses by DHCP-over-Ipsec. The clients itself typically use SSH Sentinel,
which itself sets up a another virtual interface after connecting to the
gateway. This causes the client to use one of the dynamically assigned
sender addresses, matching the according
"rightsubnetwithin=a.b.c.d"-statement of the gateway configuration.

Assuming now the roadwarrior to run linux instead of windows, it also uses
openswan. How could I configure a single machine to use a sender IP-address,
different from its externally visible IP-address assigned by
DHCP-over-IPsec? I don't wanna use any specific "windows-extensions", like
L2TP-IPsec.

Andreas




More information about the Users mailing list