[Openswan Users] NAT?

Paul Wouters paul at xelerance.com
Wed Mar 15 06:35:33 CET 2006


On Tue, 14 Mar 2006, Snitgen, John wrote:

> Linux box (running version 2.6.14.4, Openswan 2.4.4) with a local loopback interface with IP address 10.1.1.1, and an ethernet interface with IP address 192.168.1.2
> PC with IP address 192.168.1.1, connected via hub to the Linux box ethernet interface
> Linux box ipsec.conf: leftsubnet=10.1.1.1/32, rightsubnet=10.2.2.0/24
>
> If I ping from the Linux box using the command 'ping -I 10.1.1.1 10.2.2.76' it successfully traverses the IPsec tunnel, the ping appears to originate from 10.1.1.1, and I get reply back across the tunnel.  This confirms that the IPsec tunnel is working like it should (according to these rules - leftsubnet=10.1.1.1/32, rightsubnet=10.2.2.0/24).
>
> Now here's my problem - I want to ping/connect a TCP socket from the PC to 10.2.2.76, and have it appear to originate from address 10.1.1.1 across the IPsec tunnel.  Is this possible over an IPsec tunnel?  Using iptables?  How is it accomplished?

leftsourceip=10.1.1.1

Paul
-- 
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

