[Openswan Users] FAQ: Having to provide a lot of local net info?
Paul Wouters
paul at xelerance.com
Fri Jul 10 01:32:09 EDT 2009
On Thu, 9 Jul 2009, Mauricio Tavares wrote:
> Subject: [Openswan Users] FAQ: Having to provide a lot of local net info?
>
> For my vpn connection to work, I have to provide the subnet and even
> the router info for my local network (the left side). How can I
> configure my /etc/ipsec.conf so it can figure all that information by
> itself?
>
> conn MyVPN
> authby=rsasig
> pfs=no
> auto=add
> rekey=yes
> keyingtries=3
> type=transport
> # Left (local)
> leftprotoport=17/1701
> left=%defaultroute
> leftnexthop=192.168.1.1
> leftsubnet=192.168.1.0/24
> leftcert=myvpn.crt
> leftrsasigkey=%cert
> # Right (VPN)
> [...]
You can use leftnexthop=%defaultroute (or leave it out as that is implied)
However, there is no way to "auto load" the subnet you're in as a leftsubnet=
Paul
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
More information about the Users
mailing list