[Openswan Users] Roadwarrior Configuration

Glenn MacGregor gtm at highstreetnetworks.com
Tue Mar 22 09:21:00 CET 2005


Trevor,

Thanks for the info. So if I setup proxy arp on my external interface (or
internal interface) when I make the ipsec connection from my laptop to my
openswan box I will beable to see my whole network?

Thanks

 Glenn

Quoting Trevor Hennion <trevor-os at thennion.demon.co.uk>:

> On Tuesday 22 Mar 2005 02:06, Glenn MacGregor wrote:
> > Hi All,
> >
> > Sorry for all the posts...I am trying to get a road warrior setup.
> Floowing
> > the instructions I found, I set the linux server config and got the
> > ipsec.exe on windows. Setting the config on windows and running ipsec on
> > windows works fine. I can ping the inside interface of the openswan box
> > (linux). This is great! Getting there!
> >
> > Now, I am having problems accessing the rest of the network. I can not
> ping
> > anything else on the network. I assume this has to do with routing
> > somehow...but I can't figure how.
> >
> > When I IPSec into the linux box as a roadwarrior from windows I assume
> that
> > openswan has to give that tunnel an ip in the local network, is this
> > correct? This doesn't seem to be happening.
> >
> > Any help would be great.
> >
> > Thanks
> >
> > Glenn MacGregor
> > HighStreet Networks
> >
> 
> Glenn,
> 
> Straight IPSec does not give you an IP address from the local network.
> For example I connect from my desktop with IP 192.168.1.10 via an office
> IPSec 
> gateway with a routable address to a system in the office, and the connection
> 
> is from 192.168.1.10. The office system also has a routeable address.
> All the systems involved have to have unique IP addresses, so that routing
> can 
> succeed. The office IPSec gateway has proxy_arp set so that the other office
> 
> systems get to know where to send their return data for 192.168.1.10. 
> echo 1 > /proc/sys/net/ipv4/conf/all/proxy_arp
> 
> HTH
> 
> Trevor Hennion
> http://www.infocentrality.co.uk
>  
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> 


Glenn MacGregor
HighStreet Networks

-------------------------------------------------
This mail sent through IMP: http://horde.org/imp/


More information about the Users mailing list