[Openswan Users] Can't reach hosts behind my VPN-Gateway

Nate Carlson natecars at natecarlson.com
Tue Apr 6 10:45:39 CEST 2004


On Tue, 6 Apr 2004, Sebastian Albrecht wrote:
> i want to access my private LAN and Internet via WLAN and a VPN-Gateway
> in following constellation:
> 
> Win2k-Machine (with Marcus Mueller's ipsec-Tool)
> 10.0.18.202
>     |
>    WLAN
>     |
> Access Point
> 10.0.18.201
>     |
>    eth1/ipsec1
> 10.0.18.200
> Suse8.2 with OpenSWAN 2.1.0
>    eth0/ipsec0
> 10.0.18.60
>     |
> private LAN 10.0.0.0/8
>     |
> 10.0.0.1
> Internet Gateway

You're trying to use the same network (10.0.18.0/24?) on both your eth0
and eth1 interface. This is going to cause problems - you'll only get a
route to one of the interfaces, not both.

For easy-of-use (and security) reasons, I'd recommend splitting your
wireless network off onto a separate network - IE, have your eth0 network
use 10.0.18.0/24, and have your eth1 network use 192.168.0.0/24 (as an
example, as long as they are separate networks, it'll work fine - you
could also use 10.0.19.0/24, as long as you have your netmasks configured
properly).

------------------------------------------------------------------------
| nate carlson | natecars at natecarlson.com | http://www.natecarlson.com |
|       depriving some poor village of its idiot since 1981            |
------------------------------------------------------------------------


More information about the Users mailing list