[Openswan Users] netkey communication issue with local subnet
David Price
davidp at bhi.com
Mon May 24 13:50:31 EDT 2010
I have a VPN connection on an OpenWRT Backfire 10.03 router. The VPN is
working fine. This is the first time I am using NETKEY, so I'm not sure
if this is normal or not. But, as soon as the VPN connection is
established I lose the ability for the router (10.200.3.254) and its
local internal network (10.200.3.*) to communicate (in either
direction). However, every other communication in every direction works
just fine.
Do I need to add something to my configuration to keep this from
happening with NETKEY?
TIA
-Dave
Here is my ipsec.conf:
version 2.0

config setup
    nat_traversal=yes
    nhelpers=0
    oe=no
    protostack=netkey
    interfaces=%defaultroute

conn VPNConn
    type=tunnel
    keyexchange=ike
    auto=start
    auth=esp
    rekey=yes
    left=%defaultroute
    authby=secret
    dpdaction=restart
    right=x.y.z.a
    aggrmode=yes
    ike=aes128-sha1-modp1536
    leftid=@LEFTID
    dpddelay=30
    dpdtimeout=120
    keylife=86400s
    pfs=yes
    esp=aes128-sha1
    leftsubnet=10.200.3.0/24
    leftsourceip=10.200.3.254
    rightsubnet=10.0.0.0/8