[Openswan Users] Openswan & Linksys BEFSX41 VPN Router

Peter McGill petermcgill at goco.net
Mon Jan 21 13:54:45 EST 2008


It depends what you want to do.
If you want to route additional traffic through the tunnel, you must add additional
conn and subnet definitions.
If you're just talking plain routing in your LAN or whatever, no IPsec involved, then
read the man pages for ip route. If you're looking for advanced routing and/or QoS,
then it gets quite complicated. Perhaps you could elaborate more on what you're trying
to do? The more detail you provide, the easier it will be to answer. If you're just looking
to learn in general, then consult the documentation, howtos, man pages, etc.
To learn iptables, there is good documentation to get you started at the iptables
main site, netfilter.org. There are good links for advanced routing at:
http://en.wikipedia.org/wiki/Iproute2
 
Peter McGill
 


  _____  

From: richard garcia [mailto:splender99 at gmail.com] 
Sent: January 21, 2008 1:30 PM
To: petermcgill at goco.net
Cc: users at openswan.org
Subject: Re: [Openswan Users] Openswan & Linksys BEFSX41 VPN Router


Thanks Peter, I already have a successful VPN connection with Linux Openswan & Linksys BEFSX41 router using the configuration you
listed below; Linksys has similar settings. However, I'm not sure if it's okay with you guys to ask the question: how can I route the
traffic in Linux? I was testing with routes and iptables but I'm not that good with Linux routing.
 
Regards,
 
Richard


On Jan 21, 2008 10:45 PM, Peter McGill <petermcgill at goco.net> wrote:


To have traffic flow to/from 192.168.8.0/24 and 192.168.2.0/24 you need to have subnets in openswan for them.
ie)
 
conn <whatever you have>
    leftsubnet=172.168.8.0/24
    leftsourceip=172.168.8.110
    rightsubnet=192.168.2.0/24
 
Don't know the linksys settings to match this, but the linksys will also need the left/right subnets set in the ipsec settings. 
 
Also, the hosts in 172.168.8.0/24 will need to know to route traffic for 192.168.2.0/24 to 172.168.8.110,
either by having 172.168.8.110 as the default gateway for the subnet or by putting a static route on the
default gateway to forward traffic for 192.168.2.0/24 to 172.168.8.110.
 
 
Peter McGill
 


  _____  

From: users-bounces at openswan.org [mailto:users-bounces at openswan.org] On Behalf Of richard garcia
Sent: January 19, 2008 10:16 AM
To: users at openswan.org
Subject: [Openswan Users] Openswan & Linksys BEFSX41 VPN Router 


Hi, I'm new to Openswan. I was able to establish a connection using Ubuntu Openswan and a Linksys BEFSX41 VPN Router. Below is the
layout of the setup:
 
                          192.168.1.10          WAN          192.168.1.12
                        172.168.8.110/24
172.168.8.3/24 ------->    OPENSWAN    ------------------->    BEFSX41    -------> 192.168.2.2/24 (Windows)
 
From 192.168.2.2, I can ping 172.168.8.110. However, I need to connect to 172.168.8.3; ping to this host gives request timeout.
From 172.168.8.110, I cannot ping any PCs in 192.168.2.2.
I'm not very good at iptables and routing in Linux, can anyone help me?
 
Regards,
 
splender99
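
Added example, not part of the original thread and not Openswan code: a small Python model of the two checks discussed above, whether a packet's source and destination fall inside the leftsubnet/rightsubnet selectors, and whether a LAN host's reply is routed to the Openswan box. The function names, the default gateway 172.168.8.1 and the upstream hop 203.0.113.1 are assumptions made for illustration.

```python
import ipaddress as ip

# Subnets and addresses from the thread. 172.168.8.1 (LAN default gateway) and
# 203.0.113.1 (its upstream) are hypothetical; the thread does not name them.
LEFT = ip.ip_network("172.168.8.0/24")          # leftsubnet
RIGHT = ip.ip_network("192.168.2.0/24")         # rightsubnet
OPENSWAN_LAN = ip.ip_address("172.168.8.110")   # leftsourceip

def in_tunnel_policy(src, dst):
    """True if src -> dst matches the leftsubnet <-> rightsubnet selectors."""
    s, d = ip.ip_address(src), ip.ip_address(dst)
    return (s in LEFT and d in RIGHT) or (s in RIGHT and d in LEFT)

def next_hop(routes, dst):
    """Longest-prefix match over (prefix, gateway); gateway None means on-link."""
    d = ip.ip_address(dst)
    hits = [(ip.ip_network(p), gw) for p, gw in routes if d in ip.ip_network(p)]
    if not hits:
        raise LookupError(f"no route to {dst}")
    return max(hits, key=lambda h: h[0].prefixlen)[1]

def reply_reaches_tunnel(host, tables, remote, max_hops=4):
    """Follow routing tables hop by hop; True if the packet is handed to Openswan."""
    if not in_tunnel_policy(host, remote):
        return False
    node = host
    for _ in range(max_hops):
        if node not in tables:
            return False                 # left the modelled LAN without hitting Openswan
        gw = next_hop(tables[node], remote)
        if gw is None:
            return False                 # treated as on-link, never forwarded
        if ip.ip_address(gw) == OPENSWAN_LAN:
            return True
        node = gw
    return False

# Constructed routing tables for the LAN host and its default gateway.
HOST = [("172.168.8.0/24", None), ("0.0.0.0/0", "172.168.8.1")]
GW = [("172.168.8.0/24", None), ("0.0.0.0/0", "203.0.113.1")]
BEFORE = {"172.168.8.3": HOST, "172.168.8.1": GW}
OPENSWAN_AS_DEFAULT_GW = {"172.168.8.3": [("172.168.8.0/24", None),
                                          ("0.0.0.0/0", "172.168.8.110")]}
STATIC_ROUTE_ON_GW = {"172.168.8.3": HOST,
                      "172.168.8.1": GW + [("192.168.2.0/24", "172.168.8.110")]}

if __name__ == "__main__":
    print("WAN source in policy:", in_tunnel_policy("192.168.1.10", "192.168.2.2"))
    print("leftsourceip in policy:", in_tunnel_policy("172.168.8.110", "192.168.2.2"))
    for name, t in [("before", BEFORE), ("default gw", OPENSWAN_AS_DEFAULT_GW),
                    ("static route", STATIC_ROUTE_ON_GW)]:
        print(name, reply_reaches_tunnel("172.168.8.3", t, "192.168.2.2"))
```

The first two checks show why leftsourceip matters: traffic the gateway sources from its WAN address 192.168.1.10 falls outside the subnet-to-subnet selectors, while traffic sourced from 172.168.8.110 matches them.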

