[Openswan Users] SOLVED (partially): VPN client IP addressing configuration issues
Peter McGill
petermcgill at goco.net
Mon Sep 8 09:01:01 EDT 2008
Rolando,
In case rightsubnets doesn't work (it only works on newer versions.)
The former method which works on any version is to make a duplicate
conn definition, give it a different name and rightsubnet.
Peter
Paul Wouters wrote:
> On Sat, 6 Sep 2008, Rolando Zappacosta wrote:
>
>> However, most of the hosts I need to reach are on the AAA.0.0.0/8 but if I configure:
>> right=AAA.BBB.CCC.DDD
>> rightsubnet=AAA.0.0.0/8
>> I loose all the connectivity as I loose the reachability of the GW itself.
>>
>> How can I deal with this?
>> Can I add a whole subnet with the excpetion of a single host (the GW)?
>
> Add a 'passthrough' connection. See /etc/ipsec.d/examples/passthrough.conf
>
>> Besides, how can I add multiple subnets at once (kinda rightsubnet="AAA.0.0.0/8, III.JJJ.0.0/16, PPP.QQQ.RRR.0/24)
>
> rightsubnets="aaa.0.0.0/8, iii.jjj.0.0/16, ppp.qqq.rrr.0/24"
>
> Paul
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
More information about the Users
mailing list