[Openswan Users] Linux-Linux IPsec Tunnel ends at the gateway:
no ping over the gateway in the next subnet
Foren
foren.titze at gmx.net
Tue Jul 5 21:25:27 CEST 2005
Paul Wouters schrieb:
> On Tue, 5 Jul 2005, foren titze wrote:
>
>> Although I have make conn roadwarrior and roadwarrior-net my ping from
>> the
>> roadwarrior to the subnet behind the vpn-gateway doesn't go through.
>
>
>> nat_traversal=yes
>
>
>> #virtual_private=%v4:10.0.0.0/24,%v4:192.168.121.0/24
>
>
> You must include virtual_private= for nat traversal. You must not include,
> but exclude your leftsubnet= range.
virtual_private must be 192.168.121.0/24 at the server and client, or?
>
>> conn tit-linux-net
>> leftsubnet=192.168.121.0/24
>> also=titze-linux
>>
>> conn tit-linux
>> rightnexthop=192.168.121.1
>
>
> It seems both left and right are in the same 192.168.121.0/24 subnet?????
No, only the Server has two Interfaces. One internal .121.0/24 and one
external.
The Client has only one interface with, here, an external IP. But when
the Client is nated, it has an internal IP.
>
> Paul
>
>
More information about the Users
mailing list