[Openswan Users] Open Swan -> DSL -> Linksys
Walter Wickersham
wwickersham at printinc.com
Mon Jul 18 09:32:42 CEST 2005
rightnexthop=192.168.2.1
should be a public internet address, more specifically, it should be the IP address of that DSL modem's gateway
for example, you list right=123.123.23.2
if your dsl modem/cable modem's default gateway is 123.123.23.1
then rightnexthop=123.123.23.1 is what you should have, not an internal 192.168.x.x ip address that isnt routable over the internet
-----
Walter Wickersham
-----Original Message-----
From: users-bounces at openswan.org [mailto:users-bounces at openswan.org]On
Behalf Of Peter Osborne
Sent: Monday, July 18, 2005 8:04 AM
To: users at openswan.org
Subject: [Openswan Users] Open Swan -> DSL -> Linksys
Hi,
I'm trying to connect Openswan to a Linksys VPN router. I have it working fine
with once site that has the Linksys VPN connected directly to the Internet
with a public IP address.
I am now trying to connect a second Linksys VPN but the second site has an odd
configuration. The DSL provider provides a problematic all-in-one modem/
router. The DSL modem/router has a static public IP address, on the inside it
has an address of 192.168.2.1, the Linksys VPN is plugged directly into it
and has an IP of 192.168.2.2. The DSL modem/router is configured to expose
192.168.2.2 as a virtual host so all incoming traffic to the public IP will
be redirected to the Linksys VPN.
This is the entry that I am using in my ipsec.conf:
conn remote_to_local
right=123.123.23.2
rightid=192.168.2.2
rightsubnet=192.168.50.0/24
rightnexthop=192.168.2.1
left=155.155.55.2
leftsubnet=192.168.0.0/24
leftnexthop=155.155.55.1
keyexchange=ike
ikelifetime=240m
keylife=60m
pfs=yes
compress=no
authby=secret
auto=add
The tunnel comes up but I cannot move any traffic across it. Can anyone help
me out?
Thanks,
Pete
_______________________________________________
Users mailing list
Users at openswan.org
http://lists.openswan.org/mailman/listinfo/users
More information about the Users
mailing list