[Openswan Users] trouble using leftsourceip=

Michael Richardson mcr at sandelman.ottawa.on.ca
Wed May 12 17:01:55 CEST 2004


-----BEGIN PGP SIGNED MESSAGE-----


>>>>> "David" == David Mattes <david.mattes at boeing.com> writes:
    David> I'm having no luck using the leftsourceip= parameter in
    David> ipsec.conf connection definition, while trying to connect to
    David> a Nortel CES VPN server.  I can see from the plutodebug that
    David> during the Quickmode exchange the ISAKMP Identification
    David> Payload is sending the leftsourceip address, but this payload
    David> is going out on the wire with my physical interface (eth0)
    David> address as the source address.  Shouldn't it appear to be
    David> coming from the leftsourceip address?  Thanks!  Here's my

  No.
  lefsourceip= sets the source IP for packets in the tunnel.

  The IKE packets MUST go out with your actual IP address. Otherwise,
how would you communicate on the network?

- --
]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: Finger me for keys

iQCVAwUBQKKCsoqHRg3pndX9AQEoeAQAlrKWJayU/UQo4TAVyZjUjZLQGgI/YQkk
tBBJyuUht4JluOy2ukGUkaq4l2vIAnnnKRwK3s7F3a2mqCl0M8AJ9jYqzBBIuzXi
Nv+G1itlL3e1jAEO4Xn21KkSb04tei7gUakGOx5h83hqE+BPnDH9iC6ADWLs3x/L
62y5bI3mbSs=
=mRSP
-----END PGP SIGNATURE-----


More information about the Users mailing list