[Openswan Users] ipsec client with openswan problem

Paul Wouters paul at xelerance.com
Sun Nov 26 13:53:44 EST 2006

On Sun, 26 Nov 2006, Chun Cui wrote:

> notebook(> (
> --Internet--> VPN-Gateway(
> how can i config the ipsec.conf to connect the vpn gateway with PSK,
> with this conf i got always the errors:

>      auto=start
>      left=
>      #left=%defaultroute
>      leftid=@client
>      leftsubnet=

You cannot do this. leftsubnet is behind left, so left cannot be *in*

The easiest fix is to have your machine do the IPsec and NAT.
The second easiest fix is to renumber the IPsec server in the nat to be
something else, eg, and make sure the NAT router still
nat's for it. Then you can use

Actually, the zeroth easiest fix is to buy another $25/month DSL line,
and put the ipsec server directly on its IP.


More information about the Users mailing list