[Openswan Users] Host to net VPN question

Glenn MacGregor gtm at highstreetnetworks.com
Tue Mar 29 18:19:40 CEST 2005

Hi All,

I have been looking around for a week or so on how to create a host-to-net VPN
connection from a Windows XP box to an Openswan box.

Forgive me, but I am very confused. I can make the connection from the WinXP box
using the free ipsec tool. I can ping the internal interface of the VPN box but
can get no further. If I try to ping something on the inside and do a tcpdump on
the box I am pinging, I see the ping come in and the pong go out. The problem I
see is that Openswan (kernel) has forwarded the packet to the correct location.
The problem is that the IP address is the one that the dialup gave me, so the
return packet is going out the default gateway, not through the tunnel.

I have read about L2TP and proxy ARP. I assume proxy ARP won't work here because
the IP is not in the internal subnet.

What is the preferred method to handle this connection? Is it to use L2TP, or can
I do something with iptables using NAT or something?



Glenn MacGregor
HighStreet Networks
