[Openswan Users] Help with WinXP behind NAT as client
Nate Carlson
natecars at natecarlson.com
Fri Mar 26 09:25:40 CET 2004
On Fri, 26 Mar 2004, Leonard Tulipan wrote:
> conn roadwarrior
> right=%any
> rightcert=RoadWarrior1Cert.pem
> rightsubnet=192.168.0.15/32
> left=%defaultroute
> auto=add
> pfs=yes
Why the rightsubnet=192.168.0.15/32? Is the box behind a NAT gateway?
If so, you'll probably want to turn nat_traversal on, and configure the
rightsubnet=%vhost/rightsubnetwithin settings.
Also, you don't need to specify rightcert, as long as the client
certificate has been signed by the CA cert that you have configured.
------------------------------------------------------------------------
| nate carlson | natecars at natecarlson.com | http://www.natecarlson.com |
| depriving some poor village of its idiot since 1981 |
------------------------------------------------------------------------
More information about the Users
mailing list