[Openswan Users] leftsourceip
Paul Wouters
paul at xelerance.com
Mon Dec 5 19:51:57 CET 2005
On Mon, 5 Dec 2005, Nick wrote:
> After looking at some other configs posted on the net, I noticed a
> parameter "leftsourceip" that I had not seen in the docs.
> I cannot seem to find any documentation about this parameter. Is there
> any reason that I shouldn't put this on all my tunnels?
The documentation is outdated and needs to be fixed.
> If not then is
> there an easy way to tell openswan to automatically pick an appropriate
> localip to use to make the configs a little easier?
There is currently no way to automate the parameter. It seems unlikely that
the leftsourceip= would change regularly, since it is the default gateway of
your subnet.
> It's just nice for troubleshooting if traceroutes and pings work from
> everywhere, and to be able to have secure communication between the 2
> gateways without having to define extra tunnels. I am just thinking that
> this seems to be such a great thing that I don't know why this behavior
> isn't default
It is dangerous to change the routing of your IPsec gateway. We prefer not
to do it unless absolutely neccessary.
Paul
--
"Happiness is never grand"
--- Mustapha Mond, World Controller (Brave New World)
More information about the Users
mailing list