[Openswan Users] Tunnels come up, but not all traffic goes through

Jacco de Leeuw jacco2 at dds.nl
Sat Jun 12 15:57:32 CEST 2004


Trevor Benson wrote:

>>For this reason I use the 'listen-addr' parameter so that l2tpd
>>only listens on an internal interface (say, 192.168.1.98). Then I
>>set up a NAT rule like this:
>>But this won't work with 26sec, because there is no ipsec0.
> 
> This is exactly what I was afraid of.  I am using quite a few L2TP
> tunnels, and the iptables -a PREROUTING -I ipsec0.  So this type of
> connection will be an issue in 26sec?

Well, it does work but I'm the cautious type. With the listen-addr
parameter you fall back to a fail-safe configuration should the firewall
or IPsec be down, so it's very unfortunate that it can't be used at
this time.

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl

