[Openswan Users] subnet -> internet

Thu Jan 22 10:50:30 EST 2009

I haven't tried this personally but I recall a thread on the list a few years ago.
It didn't work with subnet 0/0, probably because it is no more specific than the default route.
However I think they got it to work using two subnets, 0/1 and 128/1.

Peter McGill
IT Systems Analyst
Gra Ham Energy Limited 

> -----Original Message-----
> From: users-bounces at openswan.org 
> [mailto:users-bounces at openswan.org] On Behalf Of Hofferek Attila
> Sent: January 22, 2009 9:05 AM
> To: users at openswan.org
> Subject: [Openswan Users] subnet -> internet
> 
> Hi users!
> 
> I have a working configuration:
> 
> conn pannon
>          type=tunnel
>          left=a.b.c.d
>          leftnexthop=a.b.c.e
> 	leftsubnet=a.b.c.d/32
>          right=w.x.y.z
>          rightsubnet=172.31.228.0/23
>          spibase=0x200
>          keyexchange=ike
>          auth=esp
>          auto=start
>          keylife=24h
>          authby=secret
>          pfs=no
>          keyingtries=3
>          rekey=no
> 
> 
> a.b.c.d---a.b.c.e...w.x.y.z===172.31.228.0/23
> 
> I am the left side. I want to route the 172.31.228.0/23 
> network to the 
> internet. The a.b.c.d machine has got a direct internet 
> connection. What 
> to modify on my configuration? I tried leftsubnet=0.0.0.0/0 but there 
> was no traffic on ipsec0 with tcpdump -i ipsec0.
> 
> Thanks in advance!
> -- 
> Hofferek Attila
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan: 
> http://www.amazon.com/gp/product/1904811256/104-3099591-294632
> 7?n=283155