[Openswan Users] Subnets conmunication?

Peter McGill petermcgill at goco.net
Mon Jun 4 09:41:58 EDT 2007


> -----Original Message-----
> Date: Mon, 4 Jun 2007 01:09:07 -0600
> From: "IT Dept." <it at technovation.com.sv>
> Subject: [Openswan Users] Subnets conmunication?
> To: <users at openswan.org>
> 
>             I have the following scenario...
> 
>             Branch A          192.168.40.0/24
> 
>             Branch B          192.168.50.0/24
> 
>             Branch C          192.168.60.0/24
> 
>             Ubuntu 6.06 server (fresh install) running OpenSwan
> 
>             All branches are connected to the Openswan at a public IP via
> Linksys routers ( very nice...no problem at all to connect)
> 
>             There's no subnet behind the Openswan gateway, (its only use is
> a gateway for the vpn's)
> 
>             Now I have the 3 connection working. Installation, configuration
> and connections are a really fast and easy job....however I have a BIG
> problem...
> 
>             I can't ping from branch A to Branch B or C...
> 
>             I really can't ping any branch from any other...
> 
>             Can u help me please to make this VPN's work?

Ok, ignore my previous mention of needed openswan's at each site, your
Linksys routers are doing that job. Here's what you need to do.

I'll have to guess at your conf, since you didn't send it, so modify this
appropriately.

Assuming you have this.

conn net40-to-host
	rightsubnet=192.168.40.0/24
	a...

conn net50-to-host
	rightsubnet=192.168.50.0/24
	b...

conn net60-to-host
	rightsubnet=192.168.60.0/24
	c...

Add these.

conn net-40-to-net50
	leftsubnet=192.168.50.0/24
	rightsubnet=192.168.40.0/24
	a...	

conn net-50-to-net40
	leftsubnet=192.168.40.0/24
	rightsubnet=192.168.50.0/24
	b...	

Etc... Until all your subnets connect to all others.

Peter
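
Added example, not part of the original message: a short Python script that carries the "Etc..." above through to the full set of branch-to-branch conn sections, one per ordered pair of subnets. The conn naming scheme and the function names are assumptions made for illustration; `a...`, `b...` and `c...` stay as placeholders for each branch's existing settings and are emitted as comments.

```python
from ipaddress import ip_network
from itertools import combinations, permutations

# (label, branch LAN, placeholder for that branch's existing tunnel settings).
# Subnets and the a.../b.../c... placeholders are from the message above.
BRANCHES = [
    ("40", "192.168.40.0/24", "a..."),
    ("50", "192.168.50.0/24", "b..."),
    ("60", "192.168.60.0/24", "c..."),
]


def mesh_conns(branches):
    """Return one (name, leftsubnet, rightsubnet, rest) tuple per ordered branch pair."""
    nets = [(label, ip_network(cidr), rest) for label, cidr, rest in branches]
    # Overlapping LANs would make the traffic selectors ambiguous, so refuse them.
    for (la, na, _), (lb, nb, _) in combinations(nets, 2):
        if na.overlaps(nb):
            raise ValueError(f"branch {la} ({na}) overlaps branch {lb} ({nb})")
    conns = []
    for (near, near_net, rest), (far, far_net, _) in permutations(nets, 2):
        # Tunnel to the `near` branch: right is its own LAN, left is the
        # far LAN that the hub presents on that branch's behalf.
        conns.append((f"net{near}-to-net{far}", str(far_net), str(near_net), rest))
    return conns


def render(conns):
    """Format the tuples as ipsec.conf conn sections (tab-indented parameters)."""
    out = []
    for name, left, right, rest in conns:
        out.append(
            f"conn {name}\n"
            f"\tleftsubnet={left}\n"
            f"\trightsubnet={right}\n"
            f"\t# {rest} same remaining settings as this branch's existing conn\n"
        )
    return "\n".join(out)


if __name__ == "__main__":
    print(render(mesh_conns(BRANCHES)))
```

For three branches this yields six sections, and every pair appears in both directions, matching the net-40-to-net50 / net-50-to-net40 pair shown above.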


