[Openswan Users] trouble using leftsourceip=
Paul Wouters
paul at xelerance.com
Thu May 13 01:38:28 CEST 2004
On Wed, 12 May 2004, Michael Richardson wrote:
> >>>>> "David" == David Mattes <david.mattes at boeing.com> writes:
> David> I'm having no luck using the leftsourceip= parameter in
> David> ipsec.conf connection definition, while trying to connect to
> David> a Nortel CES VPN server. I can see from the plutodebug that
> David> during the Quickmode exchange the ISAKMP Identification
> David> Payload is sending the leftsourceip address, but this payload
> David> is going out on the wire with my physical interface (eth0)
> David> address as the source address. Shouldn't it appear to be
> David> coming from the leftsourceip address? Thanks! Here's my
>
> No.
> lefsourceip= sets the source IP for packets in the tunnel.
>
> The IKE packets MUST go out with your actual IP address. Otherwise,
> how would you communicate on the network?
Also, it seems you are trying to communicate to the outside world (the world
beyond eth0) with your intenral interface (not eth0, prob eth1). That does
not work.
you will need to use your external IP address for communication, and therefor
put that in the configuration file.
Paul
More information about the Users
mailing list