[Openswan Users] SuSE 9.2 tunneling 2 LANS
Tom Reijnders
reijnders at tor.nl
Thu Mar 10 08:58:47 CET 2005
L.S.,
I solved my problems. I was struggling with the way ipsec is implemented in
6.2 and how to get the firewall (SuSEfirewall2) to handle it properly.
In the end, it all boiled down to firewall configuration problems.
- On the linux gateway I added:
leftsourceip=<LAN IP address>
(Or you have to set up a second tunnel to allow traffic from the public IP
address to the other LAN)
All this is necessary because of the way masquerading kicks in now.
In the firewall (SuSEfirewall2) I had to (besides allowing the normal isakmp,
esp, ah settings) set the TRUST_IPSEC to int and ALLOW_CLASS_ROUTING to true.
This makes sure that ipsec traffic is treated as internal traffic, and the
second setting allows routing between internal interfaces.
> L.S,
>
> I've got SuSE 9.2 and SuSE's OpenSwan on 2 linux machines. I have
> setup a tunnel between 2 LAN's using the linux boxes as gateways. I
> can reach the LAN addresses of both gateways through the tunnel, but
> I cannot get through from a PC on the 1 LAN to the other LAN
>
> Any suggestion is appreciated.
--
TOR Informatica
reijnders at tor.nl
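
Added example, not part of the original post: the settings described in the message above, written out as they would sit in the two files on one gateway. All addresses are constructed placeholders, and the `FW_`-prefixed names are assumed to be the full sysconfig spellings of the `TRUST_IPSEC` and `ALLOW_CLASS_ROUTING` settings the post mentions.

```conf
# --- /etc/ipsec.conf on gateway A (Openswan 2.x) ---
# All addresses are constructed: 192.0.2.1 / 198.51.100.1 stand in for the
# public IPs, 10.1.0.0/24 and 10.2.0.0/24 for the two LANs.
# Authentication settings are left out; keep whatever the tunnel already uses.
conn lan-to-lan
    left=192.0.2.1
    leftsubnet=10.1.0.0/24
    # Gateway A's own LAN address. Packets the gateway itself sends to the
    # remote LAN then carry a source inside leftsubnet and match the tunnel.
    leftsourceip=10.1.0.1
    right=198.51.100.1
    rightsubnet=10.2.0.0/24
    auto=start

# --- /etc/sysconfig/SuSEfirewall2 on gateway A ---
# IKE and the IPsec protocols from the outside (the "normal" settings).
FW_SERVICES_EXT_UDP="isakmp"
FW_SERVICES_EXT_IP="esp ah"
# Assumed full name of the post's TRUST_IPSEC: put decrypted IPsec traffic
# in the internal zone.
FW_IPSEC_TRUST="int"
# Assumed full name of the post's ALLOW_CLASS_ROUTING: allow forwarding
# between interfaces of the same zone. The file takes yes/no values.
FW_ALLOW_CLASS_ROUTING="yes"
```

With `FW_IPSEC_TRUST="int"`, anything arriving through the tunnel gets the same trust as the local LAN, so `rightsubnet` should be no wider than the remote network actually is.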