[Openswan Users] Configure net-to-net vpn with both vpn servers behind adsl nat routers
Utkarsh Shah
utkarsh at elitecore.com
Tue Mar 6 23:48:49 EST 2007
> Hi, I have the following scenario, and I would like to create a vpn with
> natt support.
>
> LAN_1 ------ vpn server --- router adsl ------ internet---- router adsl ----- vpn server ----- LAN_2
>
> I've installed:
> openswan-2.4.7.tar.gz<http://www.openswan.org/download/openswan-2.4.7.tar.gz>
>
> I'm working with slackware 10.1 and kernel 2.16.12
>
> Do I have to install the kernel natt patch??
>
> Could someone help me with ipsec.conf file? I've been searching the internet
> without any result...
>
> Thanks.
>
> Xavi

I have achieved the above scenario with the following changes; it might not be
a perfect solution...

On the ADSL router, apply port-forwarding rules for UDP port 500, port 4500 and
proto esp(50) to your VPN server on both ends.

Configure your ipsec.conf as below:

conn net-to-net
    left=10.0.1.2
    leftid=@leftid
    leftsubnet=192.168.0.0/24
    right=remoteserver    # domain name or IP which will identify the ADSL router
    rightid=@rightid
    rightsubnet=192.168.1.0/24
    authby=secret
    auto=start

and your ipsec.secrets as:

@leftid @rightid : PSK "your preshared key"

Regards,
Utkarsh Shah
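
Added example, not part of the original post or of Openswan: a small Python check that the PSK line in ipsec.secrets names the same IDs as the conn's leftid/rightid, that the PSK is not short or still the placeholder, and that the two subnets do not overlap. The function names, the vpn.example.net placeholder and the 20-character minimum are assumptions made for illustration.

```python
import ipaddress

# Constructed sample mirroring the reply's files; vpn.example.net is a placeholder.
SAMPLE_CONF = """\
conn net-to-net
    left=10.0.1.2
    leftid=@leftid
    leftsubnet=192.168.0.0/24
    right=vpn.example.net
    rightid=@rightid
    rightsubnet=192.168.1.0/24
    authby=secret
    auto=start
"""
SAMPLE_SECRETS = '@leftid @rightid : PSK "your preshared key"\n'

def parse_conn(text, name):
    """Return the key=value parameters of one conn section."""
    params, inside = {}, False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()      # drop trailing comments
        if line and not line[0].isspace():        # unindented line: a new section header
            inside = line.split() == ["conn", name]
        elif inside and "=" in line:
            key, value = line.strip().split("=", 1)
            params[key.strip()] = value.strip()
    return params

def parse_psk_ids(text):
    """Return (ids, psk) for each 'id id : PSK "secret"' line."""
    rows = (line.partition(": PSK") for line in text.splitlines())
    return [(set(i.split()), r.strip().strip('"')) for i, sep, r in rows if sep]

def lint(conf, secrets, conn="net-to-net", min_psk_len=20):  # threshold is an assumption
    """Return a list of findings for the conn and its PSK entry."""
    c, findings = parse_conn(conf, conn), []
    wanted = {c.get("leftid"), c.get("rightid")}
    psks = [p for ids, p in parse_psk_ids(secrets) if ids == wanted]
    if not psks:
        findings.append("no PSK entry matches leftid/rightid")
    if any(len(p) < min_psk_len or "preshared" in p for p in psks):
        findings.append("PSK is short or still the placeholder")
    nets = [ipaddress.ip_network(c[k]) for k in ("leftsubnet", "rightsubnet")]
    if nets[0].overlaps(nets[1]):
        findings.append("leftsubnet and rightsubnet overlap")
    return findings
```

Run on the files as posted, lint() reports only the placeholder PSK; the same ID pair and PSK must appear in ipsec.secrets on both servers.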