[Openswan Users] Private & Public Internet IPs

Phillip T. George phillip at eacsi.com
Thu Jul 7 17:43:42 CEST 2005


Nevermind...figured out I just had to specify the private IP as the 
"left" and specific the public IP as the "leftid".  Simple stuff!  Just 
got in a hurry and in a panic :)

-Phillip

Phillip T. George wrote:

> It seems I keep having more and more fun issues with VPNs :)  Okay, 
> the issue of the day is that I have a location that has a private 
> internet IP and a public internet IP.  All information that is sent to 
> the public IP is set to the private IP and all information that is 
> sent to the private IP is sent to the public IP.  The issue is that 
> OpenSwan likes to match keys via IPs and uses IPs for identification.  
> I receive this error when I use the public IP information:
> ... : We cannot identify ourselves with either end of this connection.
>
> When I use the private IP, it cannot maintain the connection of 
> course.  The left side can't properly identify the right side, because 
> the left side is using the private IP and claims that its the private 
> IP, so the right side basically says "I'm not sure if this is the 
> right host...." and doesn't connect.  If I set both sides to the 
> private IP, then of course the connection can't be made at all.  I 
> messed with %defaultroute on the left side (private IP), to see if 
> that would help a bit, but it didn't.
>
> I'm thinking the solution should be that the public IPs need to be on 
> the both side.  Now on the left side, it needs some kind of way to 
> figure out which host it is....how do I do this?
>
> Thanks,
> Phillip
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users



More information about the Users mailing list