[Openswan Users] IPSEC Tunnel To NETASQ

Paul Wouters paul at xelerance.com
Mon Dec 20 05:50:06 EST 2010


> I'm so sorry but there are things I can't understand...
>
> My conf is:
>
> conn ses
>     type=tunnel
>     connaddrfamily=ipv4
>     authby=secret
>     salifetime=3600s
>     ike=aes-sha1
>     phase2alg=aes-sha1
>     left=7x.xxx.xxx.xx
>     right=8x.xxx.xx.xx
>     leftsubnet=192.168.50.0/24
>     rightsubnet=172.16.2.0/24
>
> If I don't put the public IP address of the NAT router in the 'right'
> field, how can it join it to make the tunnel? Or shall I put the public
> IP address in another place?

Probably using this will work fine (assuming left= is your local side):

  conn ses
      type=tunnel
      connaddrfamily=ipv4
      authby=secret
      salifetime=3600s
      ike=aes-sha1
      phase2alg=aes-sha1
      left=%defaultroute
      leftid=7x.xxx.xxx.xx
      right=8x.xxx.xx.xx
      leftsubnet=192.168.50.0/24
      rightsubnet=172.16.2.0/24

Paul

