[Openswan Users] Ipsec establish but cannot ping (routing
problem)
Paul Wouters
paul at xelerance.com
Fri Nov 19 18:24:52 CET 2004
On Fri, 19 Nov 2004, Cebu Inc wrote:
> Im pretty sure this is just routing problem, I can establish connection.
> this is my ipsec.conf
>
> config setup
> interfaces="ipsec0=eth0:3 ipsec1=eth3"
> nat_traversal=yes
> virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.1.0/16
You are saying it is fine to have 192.168.1.0/24 behind nat
> conn wireless-net
> leftsubnet=192.168.1.0/24
But it is also part of your own end.
> conn wireless
> left=192.168.2.254
And this clashes as well.
> My wireless works just fine, my problem is my roadwarrior setup. The
> connection establish, but I cannot ping any internal ip's. Ipsec works if im
> in over lapping network.
I think it is more likely that you are pinging whatever device in the
internal network (internal to the laptop)
> laptop 192.168.1.0/24 -----> fw --------- internet ----------- fw -------
> 192.168.1.0/24 networkABC
This cannot work. An IP address cannot be at both places at once.
> if im connected like this where my laptop is behind 192.168.1.0/24 same thing
> as my networkABC, the connection works, I can ping and do everything else.
Are you sure? Are you not dailing out from the networkABC network ? I can't
imagine this works.
Paul
More information about the Users
mailing list