[Openswan Users] %no keyword in rightsubnet=
hiren joshi
joshihirenn at gmail.com
Fri May 16 04:20:46 EDT 2008
Hello,
As per the book
"building-and-integrating-virtual-private-networks-with-openswan" -
"For roadwarriors to work from public IPs as well as from behind NAT, you
must specify
rightsubnet=vhost:%no,%priv"
However, the following configuration works (I can ping the protected
networks) in both cases (with NAT, without NAT) even if I don't specify %no.
left:
conn rw_psk
leftsubnet=192.168.2.0/24
left=172.16.2.2
leftnexthop=172.16.2.1
right=%any
rightsubnet="vhost:%v4:0.0.0.0/0"
x_rightdynamic=yes
authby=secret
compress=yes
failureshunt=drop
pfs=yes
type=tunnel
right:
conn rw_psk
left=192.168.0.3
right=172.16.2.2
authby=secret
rightsubnet="192.168.2.0/24"
Am I misunderstanding the parameter %no?
Thanks for your time.
-hiren
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080516/93b882fc/attachment.html
More information about the Users
mailing list