[Openswan Users] Informing about networks which are behind the VPN in split tunnel config.
Oguz Yilmaz
oguzyilmazlist at gmail.com
Tue May 6 09:01:42 EDT 2008
In our topology,
LAN (10.0.0.0/8) - SW(10.0.0.1) - VPNRouter (10.0.0.2) +++ VPN Users
172.16.10.0/24
Our VPN users connect and are assigned an IP from 172.16.10.0/24 subnet by
l2tpd. There are configured as split-tunnel. That is, they use internet
directly not over VPNRouter.
How can I automatically inform VPN clients about 10.0.0.0/8 subnet
connections should go over VPNRouter?
Best Regards,
Current ipsec.conf:
version 2.0
config setup
interfaces="ipsec0=eth0"
klipsdebug=none
plutodebug=none
nat_traversal=yes
uniqueids=yes
virtual_private=%v4:
10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192.168.1.0/24
conn %default
auto=start
conn labris.l2tp
authby=secret
left=INTERNETIP
right=%any
rightsubnet=vhost:%no,%priv
leftnexthop=INTERNETROUTER
auth=esp
rightprotoport=17/1701
auto=add
keyingtries=3
pfs=no
leftprotoport=17/1701
rekey=no
rightid=%any
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080506/6552c686/attachment.html
More information about the Users
mailing list