[Openswan Users] trouble using leftsourceip=

David Mattes david.mattes at boeing.com
Wed May 12 13:44:19 CEST 2004


Hi,

I'm having no luck using the leftsourceip= parameter in ipsec.conf 
connection definition, while trying to connect to a Nortel CES VPN 
server.  I can see from the plutodebug that during the Quickmode 
exchange the ISAKMP Identification Payload is sending the leftsourceip 
address, but this payload is going out on the wire with my physical 
interface (eth0) address as the source address.  Shouldn't it appear to 
be coming from the leftsourceip address?  Thanks!  Here's my ipsec.conf:

config setup
    interfaces=%defaultroute
    klipsdebug=none
    plutodebug=all

conn cert
    authby=rsasig
    left=%defaultroute  #eth0 is 130.42.32.235
    leftsubnet=130.42.160.7/32
    leftsourceip=130.42.160.7
    leftcert=foo.pem
    leftsendcert=always
    leftid="C=US, O=B, OU=p, CN=5"
    right=130.42.160.10      #Nortel CES
    rightsubnet=130.42.0.0/16
    rightrsasigkey=%cert
    rightid="C=US, O=B, CN=N"
    auto=add



More information about the Users mailing list