[Openswan Users] Gateways cannot access opposite networks - Openswan NETKEY
openswan at kernelpanic.ca
Fri Aug 6 09:15:48 EDT 2010
On Fri, Aug 06, 2010 at 07:14:44PM +1200, Ryan Davies wrote:
> Client A can ping and access Server B and Client B
> Client B can ping and access Server A and Client A
> Server A cannot ping or access Server B and Client B
> Server B cannot ping or access Server A and Client A
I think you are just missing a server to server conn in ipsec.conf. It
is basically the same as the conn below without the leftsubnet and
> conn Tunnel-to-Millers
> type = tunnel
> left=a.b.c.d (Server A's Public IP)
> right=w.x.y.z (Server B's Public IP)
I don't think you need the "type=" directive.
Why are you using 3des and md5?
> I'm not sure if it's routing or masquerading or what, when running a
You need to make sure that no IP is masqueraded when the destination
is the other network. Openswan should take care of the routing.
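
One way to check the masquerading point above, as an added example that is not part of the original post: it walks the POSTROUTING rules of `iptables-save -t nat` output in order and reports the first target that would apply to traffic for the remote network. The subnet 192.168.2.0/24, the interface eth0 and the rule sets are constructed samples, and only the `-d` match is evaluated (an assumption made to keep the check short).

```python
import ipaddress
import shlex

def nat_verdict(iptables_save: str, remote_net: str) -> str:
    """Target of the first POSTROUTING rule applying to remote_net, or 'none'.

    Simplification: only -d / ! -d is evaluated; every other match (-o, -s,
    -m policy ...) is assumed to match, so the result errs towards reporting
    a rule as applicable.
    """
    remote = ipaddress.ip_network(remote_net)
    for line in iptables_save.splitlines():
        tok = shlex.split(line)
        if tok[:2] != ["-A", "POSTROUTING"]:
            continue
        applies, target, negate = True, None, False
        i = 2
        while i < len(tok):
            if tok[i] == "-d" and i + 1 < len(tok):
                dst = ipaddress.ip_network(tok[i + 1], strict=False)
                # Plain -d must cover the remote net; "! -d" must not cover it.
                if remote.subnet_of(dst) == negate:
                    applies = False
                i += 1
            elif tok[i] == "-j" and i + 1 < len(tok):
                target = tok[i + 1]
                i += 1
            negate = tok[i] == "!"  # a "!" negates the option that follows it
            i += 1
        if applies and target:
            return target
    return "none"

# Constructed samples. BROKEN masquerades everything leaving eth0, including
# packets for the other side of the tunnel.
BROKEN = """*nat
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT"""
# Exemption placed before the MASQUERADE rule.
EXEMPT_FIRST = """*nat
-A POSTROUTING -d 192.168.2.0/24 -o eth0 -j ACCEPT
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT"""
# Same effect with a negated destination on the MASQUERADE rule itself.
NEGATED = """*nat
-A POSTROUTING ! -d 192.168.2.0/24 -o eth0 -j MASQUERADE
COMMIT"""

if __name__ == "__main__":
    for name, rules in [("broken", BROKEN), ("exempt", EXEMPT_FIRST), ("negated", NEGATED)]:
        print(name, nat_verdict(rules, "192.168.2.0/24"))
```

A result of `MASQUERADE` means the source address is rewritten before the packet is compared with the tunnel policy, so traffic for the remote network may no longer match it.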