[Openswan Users] NAT?
paul at xelerance.com
Wed Mar 15 06:35:33 CET 2006
On Tue, 14 Mar 2006, Snitgen, John wrote:
> Linux box (running version 126.96.36.199, Openswan 2.4.4) with a local Ioopback interface with IP address 10.1.1.1, and an ethernet interface with IP address 192.168.1.2
> PC with IP address 192.168.1.1, connected via hub to the Linux box ethernet interface
> Linux box ipsec.conf: leftsubnet=10.1.1.1/32, rightsubnet=10.2.2.0/24
> If I ping from the Linux box using the command 'ping -I 10.1.1.1 10.2.2.76' it successfully traverses the IPsec tunnel, the ping appears to originate from 10.1.1.1, and I get reply back across the tunnel. This confirms that the IPsec tunnel is working like it should (according to these rules - leftsubnet=10.1.1.1/32, rightsubnet=10.2.2.0/24).
> Now here's my problem - I want to ping/connect a TCP socket from the PC to 10.2.2.76, and have it appear to originate from address 10.1.1.1 across the IPsec tunnel. Is this possible over an IPsec tunnel? Using iptables? How is it accomplished?
Building and integrating Virtual Private Networks with Openswan:
More information about the Users