[Openswan Users] Road Warrior with NAT

Brent Clark bclark at blink.homelinux.com
Sun Oct 24 10:18:49 CEST 2004


Hi all

I have finally got NAT patched in my kernel, but now to get this tunnel 
to work.

Basically I would like to create something like a road-warrior LAN. (I have a Debian 
box that dials up for me, and I have a few other machines that are 
behind that box (MASQUERADED)).

The VPN server I would like to connect to is a Watchguard Firebox.
The IT person on that end gave me these details (Hope the info is 
complete to allow me to make this work).

==========================================
Status Passphrase: "abc"
Configuration Passphrase: "abc"

DVCP Server Address: 1.2.3.4
Unique Name or ID: "xyz"
Shared Secret: "qaz"
==========================================

This, below, is my config file

==========================================
version 2.0
config setup
        #interfaces="ipsec0=ppp0"
        #forwardcontrol=no
        klipsdebug=
        plutodebug=
        #manualstart=
        #plutoload=%search
        #plutostart=%search
        #plutowait=no

conn road
        type=tunnel
        auth=esp
        #esp=3des-md5-96
        authby=secret
        pfs=yes
        left=%defaultroute             # Picks up our dynamic IP
        #leftnexthop=%defaultroute      #
        #leftid=@road.example.com       # Local information
        #leftrsasigkey=0sAQPIPN9uI...   #
        right=1.2.3.4               # Remote information
        rightsubnet=10.0.0.0/24        #
        #rightid=@xy.example.com        #
        #rightrsasigkey=0sAQOnwiBPt...  #
        auto=start                     # loads and starts this connection
                                       # at startup
==========================================


If possible, could someone please assist me with this configuration?
My subnet is 192.168.2.0/24.

Any assistance would be greatly appreciated.

Kind Regards
Brent Clark

