[Openswan Users] How do i make "hideNat" on Linux/openswan?
Steinmetz, Heiko
Heiko.Steinmetz at ips-software.de
Mon Aug 8 15:18:17 CEST 2005
Hello,
i have the following problem:
i want to etablish a vpn connection between two sites, and one site must be hidden.
This is an one-side vpn connection.
Net (192.168.0.0/24) <--> FW(VPN openswan, 4.3.2.1) <-- Internet --> FW Partner (1.2.3.4) <--> Foreign Net (10.0.0.0/24)
Our firewall must be hideNat to IP Address 10.10.10.47/32. The foreignNet don't see the net 192.168.0.0/24.
How i make our config file?
conn netme-to-netpartner
# Left security gateway, subnet behind it, next hop toward left.
left=4.3.2.1
leftsubnet=192.168.0.0/24
leftnexthop=%defaultroute
# Right security gateway, subnet behind it, next hop toward right.
right=1.2.3.4
rightid=10.20.0.1
rightsubnet=10.0.0.0/24
authby=secret
pfs=no
# To authorize this connection, but not actually start it, at startup,
# uncomment this.
auto=start
The tunnel etablished successfully, but i can't route annything, since we hideNat to 10.10.10.47/32.
How do i make "hideNat" on Linux/openswan?
Thanks,
Heiko
====================================================================
IPS Software GmbH
Isaac-Fulda-Allee 9
55124 Mainz
tel: +49.6131.37577.0
fax: +49.6131.37577.55
-
Niederlassung München:
Grafinger Str. 2
81671 München
tel.: +49.89.18926780
fax.: +49.89.18926808
-
url: http://www.ips-software.de
====================================================================
Diese e-Mail enthaelt vertrauliche und/oder rechtlich geschuetzte
Informationen. Wenn Sie nicht der richtige Adressat sind oder diese
e-Mail irrtuemlich erhalten haben informieren Sie bitte sofort den
Absender und vernichten Sie diese e-Mail. Das unerlaubte Kopieren
sowie die unbefugte Weitergabe dieser e-Mail ist nicht gestattet.
-
This e-mail contains confidential and/or proprietary information.
If you are not the intended recipient or if you received the e-Mail
by mistake we ask you to notify the sender immediately and destroy
this e-Mail. The unauthorized reproduction or distribution of this
e-Mail is prohibited.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20050808/897d7fee/attachment-0001.htm
More information about the Users
mailing list