[Openswan Users] Could I expect this to work in my LAN

Brett Curtis dashnu.mutt at gmail.com
Thu Feb 8 14:53:35 EST 2007


I was actually able to test this conn with an external machine. Works fine.
Only thing I had to change was my firewall masquerade line to exclude the
remote subnet, and vice versa.


On 13:49 Thu 08 Feb     , Brett Curtis wrote:
> I am testing a conn currently inside my LAN. This is the config
> 
> conn portland-tenn
>        type=tunnel
>        authby=rsasig
>        left=172.17.187.225
>        leftsubnet=172.19.187.0/24
>        leftid=@tenn.remote.net
>        leftrsasigkey=0sAQOdXXXXXXXXXXXXXXXX
>        leftnexthop=%defaultroute
>        right=172.17.187.1
>        rightsubnet=172.17.187.0/24
>        rightid=@port.local.net
>        rightrsasigkey=0sAQNXXXXXXXXXXXXXXXXXX
>        rightnexthop=%defaultroute
>        rekey=yes
>        auto=add
> 
> I use the same conn for both sides. What I am hoping for is the ability to
> ping 172.19.187.1 from right. I can not. The connection starts up fine but I
> do not see any added routes in my routing table.
> 
> Do I need to add my own routes? Or am I just way off thinking this will work?
> 
> Eventually this machine will be external and from each subnet I will want to
> reach the other subnet over the tunnel.
> 
> TIA
> -- 
> 
> Created with VIM & mutt.
> 
> "First things first -- but not necessarily in that order"
> 		-- The Doctor, "Doctor Who"

-- 

Created with VIM & mutt.

Quigley's Law:
	Whoever has any authority over you, no matter how small, will
	attempt to use it.
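
The masquerade exclusion described in the reply, as an added example that is not part of the original thread: a Python check that reads iptables-save style nat rules and reports any MASQUERADE/SNAT rule that can still rewrite traffic from the conn's leftsubnet to its rightsubnet. The rules and the interface name eth0 are constructed samples; the poster's actual firewall line is not shown in the thread.

```python
import ipaddress
import shlex

# Constructed iptables-save style nat rules; eth0 is an assumed interface name.
SAMPLE_RULES = """\
-A POSTROUTING -s 172.19.187.0/24 -o eth0 -j MASQUERADE
-A POSTROUTING -s 172.19.187.0/24 ! -d 172.17.187.0/24 -o eth0 -j MASQUERADE
-A POSTROUTING -s 10.0.0.0/8 -o eth0 -j MASQUERADE
"""

def parse_rule(line):
    """Return {option: (value, negated)} for -s/-d/-j of a POSTROUTING rule."""
    tok = shlex.split(line)
    if tok[:2] != ["-A", "POSTROUTING"]:
        return None
    opts, negate, i = {}, False, 2
    while i < len(tok):
        if tok[i] == "!":
            negate, i = True, i + 1
        elif tok[i] in ("-s", "-d", "-j") and i + 1 < len(tok):
            opts[tok[i]] = (tok[i + 1], negate)
            negate, i = False, i + 2
        else:
            negate, i = False, i + 1
    return opts

def can_match(opt, net):
    """True if an -s/-d match can apply to at least one address in net."""
    if opt is None:                      # option absent: matches everything
        return True
    rule_net = ipaddress.ip_network(opt[0], strict=False)
    if opt[1]:                           # "! -d X" misses net only if X covers it
        return not net.subnet_of(rule_net)
    return net.overlaps(rule_net)

def nat_conflicts(rules_text, local_subnet, remote_subnet):
    """NAT rules that can rewrite local->remote traffic (rule order not modelled)."""
    local, remote = map(ipaddress.ip_network, (local_subnet, remote_subnet))
    hits = []
    for line in rules_text.splitlines():
        opts = parse_rule(line)
        if not opts or opts.get("-j", ("", False))[0] not in ("MASQUERADE", "SNAT"):
            continue
        if can_match(opts.get("-s"), local) and can_match(opts.get("-d"), remote):
            hits.append(line)
    return hits

if __name__ == "__main__":
    for rule in nat_conflicts(SAMPLE_RULES, "172.19.187.0/24", "172.17.187.0/24"):
        print("NATs tunnel traffic:", rule)
```

Run it on each gateway with the local and remote subnets swapped, since the exclusion is needed on both sides.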