[Openswan Users] How to accept only VPN traffic
axel.mueller at avanux.de
Sun Jan 2 22:47:32 CET 2005
I'm using OpenSwan to encrypt WLAN traffic. Using FreeSwan on a 2.4
linux machine I used to accept DHCP traffic on the WLAN interface but
blocked everything else. WLAN traffic besides DHCP was only accepted on
the ipsec0 interface.
Using OpenSwan on 2.6 kernel now (without klips) there is no ipsec0
interface anymore. Not a big problem I thought: Open port 500 on WLAN
interface, accept all traffic using protocol 50 and 51 and block
everything else. However, even though ipsec is up and running, traffic
from VPN client to VPN gateway still goes directly to destination port
(e.g. DNS to 53, HTTP to 80, etc.).
Is there anything wrong with the client side ipsec.conf (which I used
with OpenSwan / kernel 2.4) so far?
Does the line interfaces="ipsec0=ra0" make any sense if there is no
ipsec0 interface anymore?
Any hint would be appreciated :-)