[Openswan Users]
Paul Wouters
paul at xelerance.com
Wed Aug 9 11:50:58 EDT 2006
On Wed, 9 Aug 2006, Andy Gay wrote:
> > You cannot use both %defaultroute and %any, because then openswan
> > cannot determine if it is left or right.
>
> You sure? I use that on a few systems, works OK.
>
> Quote from ipsec.conf(5):
> "If it is %defaultroute, and the config setup section's, interfaces
> specification contains %defaultroute, left will be filled in
> automatically with the local address of the default-route interface (as
> determined at IPsec startup time)"
Show me an "ipsec auto --replace conn" of such a connection :)
the problem is not grabbing a local IP address. The problem is how can
pluto know that it is the "server" or "client" in such a connection.
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list