[Openswan Users] Openswan 2.4, FC4 Question
Jacco de Leeuw
jacco2 at dds.nl
Sun Sep 18 18:20:18 CEST 2005
Darren Ellis wrote:
> VPN Server:
> Eth0 x.y.z.58/27, gw x.y.z.33 (External, public)
> Eth1 172.20.7.145/21
>
> Client side:
> Win2K: 192.168.0.62/24 (DHCP), gw 192.168.0.1, name servers are Adelphias.
> Linux-Shorewall firewall:
> Eth1: 192.168.0.1
> Eth0: Dynamic, Adelphia, currently 70.33.197.36
>
> config setup
> nat_traversal=yes
> virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16
You need to exclude your internal subnet here, i.e.:
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,
%v4:192.168.0.0/16,%v4:!172.20.7.145/21
If you are certain that only clients behind that Shorewall firewall
will be using the VPN then you could even write:
virtual_private=%v4:192.168.0.62/24
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
Mosquitos suck
More information about the Users
mailing list