[Openswan Users] Tunneling IPv6 over IPsec+IPv4
i.grok at comcast.net
i.grok at comcast.net
Sun Aug 29 19:23:46 EDT 2010
I'm trying to set up a roadwarrior configuration which has the outer
addresses being IPv4 and the inner addresses being IPv6. This way, I can
avoid address overlap between RFC1918 addresses used on the road vs.
RFC1918 addresses on my network.
Looking at the man ipsec_pluto, there is discussion of a distinction
between host (outer) addresses and client (inner) addresses, so this
should be possible, but I haven't succeeded entirely.
Here's my attempt:
conn rw--net
connaddrfamily=ipv6
left=%any
leftsourceip=2001:db8:1::1
leftsubnet=2001:db8:1::/64
leftrsasigkey=%cert
leftcert=rw
right=192.0.2.1
rightsourceip=2001:db8::1
rightsubnet=2001:db8::/64
rightrsasigkey=%cert
rightcert=gw
auto=add
This generates no errors at the commandline when I do ipsec setup start,
but the connection does not show up when I do ipsec auto --status
If I change %any to a specific IPv4 address, this works, but rather
defeats the purpose of having a roadwarrior configuration...
Is this a bug, or should I be doing something differently?
More information about the Users
mailing list