[Openswan Users] Openswan gateway behind NAT

Marcus Better marcus at better.se
Tue Jan 18 12:08:21 CET 2005

Paul Wouters wrote:
> I was under teh impression that you were setting up ipsec connections
> from a client in your network and that you had local network issues, 

Sorry I wasn't clear enough. It's difficult to describe a network setup 
in an e-mail...

The only real issue here is that the IPsec gateway is itself a member of 
the private subnet, and the whole subnet is behind a NAT router. When a 
road-warrior connects with its external, public IP address, the question 
is how to get traffic from the subnet to the road-warrior routed through 
the IPsec gateway.

I see now that this should be easier using virtual IP.


More information about the Users mailing list