[Openswan Users] SOLVED (partially): VPN client IP addressing configuration issues
Rolando Zappacosta
zappacor at yahoo.com.ar
Mon Sep 8 13:36:12 EDT 2008
Hi Peter,
thanks, was just going to ask that, I'm running:
Linux Openswan U2.4.13/K2.6.26-tuxonice (netkey)
that's the one Gentoo pulls in and couldn't configure it :-(
What's the earliest version it works?
Rolando.
--- On Mon, 9/8/08, Peter McGill <petermcgill at goco.net> wrote:
> From: Peter McGill <petermcgill at goco.net>
> Subject: Re: [Openswan Users] SOLVED (partially): VPN client IP addressing configuration issues
> To: "Rolando Zappacosta" <zappacor at yahoo.com.ar>
> Cc: "Paul Wouters" <paul at xelerance.com>, users at openswan.org
> Date: Monday, September 8, 2008, 3:01 PM
> Rolando,
>
> In case rightsubnets doesn't work (it only works on
> newer versions.)
> The former method which works on any version is to make a
> duplicate
> conn definition, give it a different name and rightsubnet.
>
> Peter
>
> Paul Wouters wrote:
> > On Sat, 6 Sep 2008, Rolando Zappacosta wrote:
> >
> >> However, most of the hosts I need to reach are on
> the AAA.0.0.0/8 but if I configure:
> >> right=AAA.BBB.CCC.DDD
> >> rightsubnet=AAA.0.0.0/8
> >> I loose all the connectivity as I loose the
> reachability of the GW itself.
> >>
> >> How can I deal with this?
> >> Can I add a whole subnet with the excpetion of a
> single host (the GW)?
> >
> > Add a 'passthrough' connection. See
> /etc/ipsec.d/examples/passthrough.conf
> >
> >> Besides, how can I add multiple subnets at once
> (kinda rightsubnet="AAA.0.0.0/8, III.JJJ.0.0/16,
> PPP.QQQ.RRR.0/24)
> >
> > rightsubnets="aaa.0.0.0/8, iii.jjj.0.0/16,
> ppp.qqq.rrr.0/24"
> >
> > Paul
> > _______________________________________________
> > Users at openswan.org
> > http://lists.openswan.org/mailman/listinfo/users
> > Building and Integrating Virtual Private Networks with
> Openswan:
> >
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
> >
More information about the Users
mailing list