[Openswan Users] SOLVED (partially): VPN client IP addressing configuration issues
petermcgill at goco.net
Mon Sep 8 09:01:01 EDT 2008
In case rightsubnets doesn't work (it only works on newer versions.)
The former method which works on any version is to make a duplicate
conn definition, give it a different name and rightsubnet.
Paul Wouters wrote:
> On Sat, 6 Sep 2008, Rolando Zappacosta wrote:
>> However, most of the hosts I need to reach are on the AAA.0.0.0/8 but if I configure:
>> I loose all the connectivity as I loose the reachability of the GW itself.
>> How can I deal with this?
>> Can I add a whole subnet with the excpetion of a single host (the GW)?
> Add a 'passthrough' connection. See /etc/ipsec.d/examples/passthrough.conf
>> Besides, how can I add multiple subnets at once (kinda rightsubnet="AAA.0.0.0/8, III.JJJ.0.0/16, PPP.QQQ.RRR.0/24)
> rightsubnets="aaa.0.0.0/8, iii.jjj.0.0/16, ppp.qqq.rrr.0/24"
> Users at openswan.org
> Building and Integrating Virtual Private Networks with Openswan:
More information about the Users