[Openswan Users] Ping From Gateway to Remote Network

Patrick Ford fenderdood at gmail.com
Mon Mar 5 12:53:25 EST 2007


The problem is that the GW tries to send packets through the tunnel from its
public address, which does not match the encryption domain.  You can remedy
this by hide NATing (source NATing) all traffic destined to an encryption
domain from the GW to its internal IP address, i.e.

iptables -t nat -A POSTROUTING -s <PUBLIC IP OF GW> -d <ENCRYPTION DOMAIN> -j SNAT --to-source <INTERNAL IP OF GW>

Of course this is the Linux solution. For other OSes I couldn't really tell
you how to use the NAT.

On 05/03/07, Fernando Blankleder <fernandoblankleder at gmail.com> wrote:
>
>  Hi, I'm having problems pinging from my ipsec gateway to remote network,
> everything else works great, any clues? I used to do it with routing but I
> lost my script :(
>
> Thanks
> Fernando Blankleder


-- 
Computers are incredibly fast, accurate, and stupid; humans are incredibly
slow, inaccurate and brilliant; together they are powerful beyond
imagination.
     -- Albert Einstein
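
The selector mismatch described in the reply above, as an added example that is not part of the original post. It is a simplified model, not Openswan code: all addresses are constructed documentation values, and it assumes the IPsec policy check sees the source address after the POSTROUTING SNAT, as the reply's fix implies.

```python
import ipaddress

# Constructed sample values (documentation ranges), not from the original post.
GW_PUBLIC = "203.0.113.10"        # gateway's public address
GW_INTERNAL = "192.168.1.1"       # gateway's address inside the local domain
LOCAL_DOMAIN = "192.168.1.0/24"   # local encryption domain
REMOTE_DOMAIN = "10.20.0.0/16"    # remote encryption domain

# Same shape as the iptables rule: -s <public> -d <domain> --to-source <internal>
SNAT_RULE = (GW_PUBLIC, REMOTE_DOMAIN, GW_INTERNAL)


def matches_tunnel(src, dst, local_net=LOCAL_DOMAIN, remote_net=REMOTE_DOMAIN):
    """True when an outbound packet falls inside the tunnel's traffic selectors."""
    return (ipaddress.ip_address(src) in ipaddress.ip_network(local_net)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(remote_net))


def snat(src, dst, rule):
    """Rewrite the source only when both the -s and -d parts of the rule match."""
    match_src, match_dst, to_source = rule
    if (ipaddress.ip_address(src) == ipaddress.ip_address(match_src)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(match_dst)):
        return to_source, dst
    return src, dst


def trace(src, dst, rule=None):
    """Return (final_src, dst, path) where path is 'tunnel' or 'clear'."""
    if rule is not None:
        src, dst = snat(src, dst, rule)
    return src, dst, "tunnel" if matches_tunnel(src, dst) else "clear"


if __name__ == "__main__":
    cases = [
        ("gateway ping, no SNAT", GW_PUBLIC, "10.20.5.9", None),
        ("gateway ping, with SNAT", GW_PUBLIC, "10.20.5.9", SNAT_RULE),
        ("LAN host to remote net", "192.168.1.50", "10.20.5.9", SNAT_RULE),
        ("gateway to internet", GW_PUBLIC, "198.51.100.7", SNAT_RULE),
    ]
    for label, src, dst, rule in cases:
        print(f"{label:26} -> {trace(src, dst, rule)}")
```

The last case shows why the rule is scoped with -d: gateway traffic to destinations outside the encryption domain keeps its public source address.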