[Openswan Users] Old user having troubles with new techniques
Larry Brown
larry.brown at dimensionnetworks.com
Mon Jul 5 19:39:06 EDT 2010
On Mon, 2010-07-05 at 19:00 -0400, Paul Wouters wrote:
> >
> >
> > So close guys... Does anyone know how to dynamically set the leftsubnet
> > value when the roadwarrior connects? I'm thinking this is my last
> > hurtle here...
>
> rightsubnet=vnet:%priv
>
> You will need to use openswan 2.6.27 or 2.6.28dr*
>
> Paul
Awesome! Thanks to everyone for the assistance. I should now be able
to take the roadwarrior behind anyone's NAT and make connections in. I
have not tested back outside of the NAT and am some distance from my
test unit so I'll confirm tomorrow. However, in case someone else has
this issue and follows this thread my final ipsec.conf looks like
follows.
RoadWarrior:
version 2.0
config setup
nat_traversal=yes
virtual_private=%v4:192.168.0.0/16,%v4:10.0.0.0/8,$v4:!172.16.0.0/24
oe=off
protostack=netkey
conn road
left=%defaultroute
leftid=@rw1
leftrsasigkey=0sA...N
right=10.45.212.71
rightsubnet=172.16.0.0/24
rightid=@ogw
rightrsasigkey=0sA...P
auto=add
OfficeGateway:
version 2.0
config setup
nat_traversal=yes
virtual_private=%v4:192.168.0.0/16,%v4:10.0.0.0/8,$v4:!172.16.0.0/24
oe=off
protostack=netkey
conn road
left=10.45.212.71
leftid=@ogw
leftsubnet=172.16.0.0/24
leftrsasigkey=0sA...P
right=%any
rightid=@rw1
rightsubnet=vnet:%priv
rightrsasigkey=0sA...N
auto=add
Thanks again!
More information about the Users
mailing list