[Openswan Users] Roadwarrior Configuration
Trevor Hennion
trevor-os at thennion.demon.co.uk
Tue Mar 22 08:00:35 CET 2005
On Tuesday 22 Mar 2005 02:06, Glenn MacGregor wrote:
> Hi All,
>
> Sorry for all the posts...I am trying to get a road warrior setup. Floowing
> the instructions I found, I set the linux server config and got the
> ipsec.exe on windows. Setting the config on windows and running ipsec on
> windows works fine. I can ping the inside interface of the openswan box
> (linux). This is great! Getting there!
>
> Now, I am having problems accessing the rest of the network. I can not ping
> anything else on the network. I assume this has to do with routing
> somehow...but I can't figure how.
>
> When I IPSec into the linux box as a roadwarrior from windows I assume that
> openswan has to give that tunnel an ip in the local network, is this
> correct? This doesn't seem to be happening.
>
> Any help would be great.
>
> Thanks
>
> Glenn MacGregor
> HighStreet Networks
>
Glenn,
Straight IPSec does not give you an IP address from the local network.
For example I connect from my desktop with IP 192.168.1.10 via an office IPSec
gateway with a routable address to a system in the office, and the connection
is from 192.168.1.10. The office system also has a routeable address.
All the systems involved have to have unique IP addresses, so that routing can
succeed. The office IPSec gateway has proxy_arp set so that the other office
systems get to know where to send their return data for 192.168.1.10.
echo 1 > /proc/sys/net/ipv4/conf/all/proxy_arp
HTH
Trevor Hennion
http://www.infocentrality.co.uk
More information about the Users
mailing list