[Openswan Users] OpenSwan defaul route
Paul Wouters
paul at xelerance.com
Sun Jun 27 23:41:30 EDT 2010
On Sun, 27 Jun 2010, Gaiseric Vandal wrote:
> In the configuration below, the corporate side is the "right" side of the
> connection with a private LAN of 192.168.1.0/24.
> # basic configuration
> config setup
> # Debug-logging controls: "none" for (almost) none, "all" for lots.
> # klipsdebug=none
> # plutodebug="control parsing"
> nat_traversal=yes
Add: interfaces="%defaulroute"
> include /etc/ipsec.d/*.conf
>
> conn CORP
> type=tunnel
> #the following two lines work
> left=192.168.10.9
> leftsubnet=192.168.10.0/24
> #the following line did not work
> #left=%defaultroute
> leftid=@VPNusers
> leftxauthclient=yes
> right=x.x.x.x
> rightsubnet=192.168.1.x/24
> rightid=@CorporateRouter
> rightxauthserver=yes
> keyingtries=0
> pfs=no
> auto=add
> auth=esp
> esp=3des-sha1
> ike=3des-sha1-modp1024
> authby=secret
> aggrmode=yes
>
>
>
> ----------------------------------------------------------------------------
> ---------------------------------------------------
>
>
> The client is the "left" side the connection. Most remote clients will get
> an IP from a DHCP server.
>
> My home network is 192.168.10.0/24, and my home PC is currently
> 192.168.10.9.
You want to use left=%defaultroute then. But it requires the intefaces= line.
Paul
More information about the Users
mailing list