[Openswan Users] NAT?

Snitgen, John John.Snitgen at tnsi.com
Tue Mar 14 14:51:36 CET 2006


I'm having trouble getting traffic routed over my IPsec tunnel.
Here's what I have:

Linux box (running version 2.6.14.4, Openswan 2.4.4) with a local loopback interface with IP address 10.1.1.1, and an ethernet interface with IP address 192.168.1.2
PC with IP address 192.168.1.1, connected via hub to the Linux box ethernet interface
Linux box ipsec.conf: leftsubnet=10.1.1.1/32, rightsubnet=10.2.2.0/24

If I ping from the Linux box using the command 'ping -I 10.1.1.1 10.2.2.76' it successfully traverses the IPsec tunnel, the ping appears to originate from 10.1.1.1, and I get a reply back across the tunnel.  This confirms that the IPsec tunnel is working like it should (according to these rules - leftsubnet=10.1.1.1/32, rightsubnet=10.2.2.0/24).

Now here's my problem - I want to ping/connect a TCP socket from the PC to 10.2.2.76, and have it appear to originate from address 10.1.1.1 across the IPsec tunnel.  Is this possible over an IPsec tunnel?  Using iptables?  How is it accomplished?

TIA,
John