[Openswan Users] Nortel - Openswan - Road warrior configuration
- nearly there but need help.
Herbert Xu
herbert at gondor.apana.org.au
Fri Sep 24 22:17:03 CEST 2004
shad <shad.mortazavi at convergenceone.com> wrote:
>
> include /etc/ipsec.d/examples/no_oe.conf
>
> conn bwk
> right= 70.xy.xy.4
> rightsubnet=10.0.0.0/255.0.0.0
> pfs=yes
> compress=no
> rekey=yes
> authby=secret
> leftsubnet=192.y.x.48/255.255.255.240
>
> My routing table now looks like;
>
> 192.yy.xx.0/24 dev eth0 proto kernel scope link src 192.yy.xx.51
> 192.yy.xx.0/24 dev vmnet1 proto kernel scope link src 192.yy.xx.1
> 172.yy.xx.0/24 dev vmnet8 proto kernel scope link src 172.yy.xx.1
> 10.0.0.0/8 via 192.yy.xx.49 dev eth0
You are missing an src setting on this route. You can get it by setting
leftsourceip=192.yy.xx.51.
The gateway field of the route is ignored in the presence of IPsec policies.
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
More information about the Users
mailing list