[Openswan Users] Setting up for IPSEC / L2TP VPN Server under Red Hat

Paul Wouters paul at xelerance.com
Tue Sep 22 18:11:18 EDT 2009


On Tue, 22 Sep 2009, Jeremy Wilson wrote:

> Paul Wouters wrote:
>> Add an include for /etc/ipsec.d/no_oe.conf
>
> Adding those lines has made it work - I can establish a tunnel and it
> hands off to xl2tpd correctly now.  Thanks!
>
> Once connected I can ping and ssh to the gateway box but not anywhere
> else on the network, although there is routing in place on the box and
> ip.forward is set - any suggestions for dealing with that?

If your IPsec gateway is the default gateway for the range of IP's you
are handing out for L2TP, then ensure you have the proper NAT rules in
place. If the IPsec gateway is not the default gateway, life becomes
pretty complicated, and you're best bet is to NAT all ips to the IPsec
gateway's public IP (excluding NAT for the local networks of course)

Paul


More information about the Users mailing list