[Openswan Users] %defaultroute not working
David Jao
djao at dominia.org
Tue Jul 1 11:01:10 EDT 2008
Hi,
I am using Openswan to encrypt wireless network packets on my LAN (a
rather common usage scenario, as I understand it).
I have a dhcp server on 192.168.0.2 that doubles as a NAT gateway for
192.168.0.0/24. The gateway runs freeswan-2.06, and my laptop on the
LAN runs openswan. I am using the following configuration to encrypt
packets traveling between the laptop and the internet:
config setup

conn gateway-laptop-net
    left=192.168.0.2
    leftid=@gateway
    leftsubnet=0.0.0.0/0
    right=%defaultroute
    rightid=@laptop
    auto=start
    compress=no
    keyingtries=1
    ikelifetime=15m
    keylife=15m
    rekeymargin=5m
    leftrsasigkey=...
    rightrsasigkey=...
Previously, I ran openswan 2.4.9 on my laptop, and this configuration
worked perfectly. After upgrading to 2.6.14, the same configuration
does not work anymore unless I replace %defaultroute with my laptop's IP
address (which I do not want to do, because my laptop uses dhcp, and I
do not necessarily know its IP address ahead of time). I have been
informed that the problem is not a bug in openswan but rather is a
problem with my configuration.
Does anyone have any idea how I can configure this IPsec tunnel without
having to specify my laptop's IP address ahead of time? Thanks!
-David