[Openswan Users] Openswan + iptables

Sebastian Antunez Noguera santunez at gmail.com
Fri Oct 28 13:50:57 CEST 2005


Friends, I have install OpenSwan in Linux Suse 9.3,  that is also
firewall with iptables.  With they openSwan I need that some users
connect themselves from their house, when beginning ipsec, firewall
does not respond to requests of ping of the NIC (External - DMZ -
LAN), and I do not even have exit to Internet when activating IPSeC.

The eth0, this formed with a been worth IP, because other IP is used
with another Firewall for other services.

The made configuration is following/etc/ipsec.conf
config setup
      interfaces="ipsec0=eth0"
      klipsdebug=none
      plutodebug=none

conn users-LAN
      left=%defaultroute
      leftsubnet=192.168.2.0/24
      leftnexthop=%defaultroute
      right=%any
      rightnexthop=%defaultroute
      auto=add
# include/etc/ipsec.d/examples/no_oe.conf

/etc/ipsec.secret IP-Valida 0.0.0.0:  PSK "1234"

As I can form ipsec so that it does not affect firewall to me, and can
be operative along with openswan.

Thanks
Sebastian


More information about the Users mailing list