[Openswan Users] Test site-site tunnel in a limited environment

wang juntao wjt.eric at gmail.com
Fri Jul 29 20:52:57 CEST 2005

Hi, everyone!

To setup a site-site ipsec tunnel ,we need at least 4 computers (i
think),unfortunately I got only three,so I have to just setup an
tunnel like this

192.168.1.*                211.211.211.*            192.168.2.*
all computer are connected with switch,no router is involved.gwA is a
Real computer running openswan,and gwB is a VMware with two virtual
adapters,this VMware is running on clinetB, which is a Real computer.
clientA is a Real computer running winXP,Do i make this stuff clear?

client A use ip default route is gwA:
client B use ip default route is gwB:
gwA use ip to contact gwB:,I use these
IP to simulate a public network.gwA and gwB point their default route
to each other.I think that will work.

I started with a manual key tunnel ,the conn define on gwA goes like this
conn manual-test

the conn define on gwB is quite similar.
When I ping client B from client A,I can see ESP packets on gwB but
they just got there and nothing happened.
I don't know if this is caused by the wrongly defined conn,or by the
strange network structure.Do I have to get another computer,or there
is any thing wrong in my conn define?

Thanks in advance!

More information about the Users mailing list