[Openswan Users] ip conflict question
TrevorBenson at a-1networks.com
Fri Dec 2 12:58:54 CET 2005
> -----Original Message-----
> From: users-bounces at openswan.org [mailto:users-bounces at openswan.org]
> Behalf Of Paul Wouters
> Sent: Friday, November 25, 2005 1:18 PM
> To: Nick
> Cc: users at openswan.org
> Subject: Re: [Openswan Users] ip conflict question
> On Fri, 25 Nov 2005, Nick wrote:
> > I also got to thinking about another possible ip conflict problem.
> > Let's say that one roadwarrior gets an IP of 10.0.0.67, and connects
> > the ipsec gateway. All is well for him.
> > Then another roadwarrior at some other location gets the same
> > address of 10.0.0.67. Now what happens when this user tries to
> > the ipsec gateway?
> > One of these (or both) users would be SOL (not sure how openswan
> > handle duplicate virtual ips). This seems like it would be unlikely
> > unless you had a lot of users, but still it could happen.
> > I was thinking about the l2tp or dhcp-over-ipsec option to get the
> > roadwarrior an ip from the LAN, but before any of that can happen
> > the underlying ipsec connection (with the possible ip conflict) have
> > work? With that assumption, then these other options wouldn't
> > with that problem anyway.
> That's correct. I believe IKEv2 might fix this, but I'm not sure.
Wouldn't this just be handled by both of the 10.0.0.67 IP's coming from
a different NAT device, with a different public IP?
> Users mailing list
> Users at openswan.org
More information about the Users