[Openswan Users] VPN one way encryption

Paul Wouters paul at xelerance.com
Mon Apr 20 20:07:30 EDT 2009


On Mon, 20 Apr 2009, Bram H wrote:

> I have a sort of working roadwarrior setup. I used http://www.natecarlson.com/linux/ipsec-x509.php to get it working (a few errors in the
> document). My roadwarrior consists of multiple PC's in a network, the gateway on that network connects to a central server. Both gateway
> and server are running openswan. So it must be possible to access the server from the pc's in the roadwarrior network and to access all of
> the PC's from the server.

Not sure I understand the setup.....

> Well, it works one way. I can connect to all of the client PC's from the server. With TCPDUMP I see esp packages traveling trough the
> network. But when I ping the server from one of the clients the traffic is just plain, it used the normal internet connection and not the
> tunnel.

If the clients are using a default gateway that is not the openswan box, then
you would see this. You would either need to add a route on the gateway to
the openswan box, or add a route on the clients to the openswan box.

Paul


More information about the Users mailing list