[Openswan Users] netkey communication issue with local subnet
Paul Wouters
paul at xelerance.com
Tue May 25 16:01:13 EDT 2010
On Mon, 24 May 2010, David Price wrote:
> I have a VPN connection on an OpenWRT Backfire 10.03 router. The VPN is
> working fine. This is the first time I am using NETKEY, so I'm not sure
> if this is normal or not. But, as soon as the VPN connection is
> established I lose the ability for the router (10.200.3.254) and its
> local internal network (10.200.3.*) to communicate (in either
> direction). However, every other communication in every direction works
> just fine.
>
> Do I need to add something to my configuration to keep this from
> happening with NETKEY?
> conn VPNConn
>     left=%defaultroute
>     right=x.y.z.a
>     leftsubnet=10.200.3.0/24
>     rightsubnet=10.0.0.0/8
[...]
You should add:

conn VPNConn-passthrough
    left=%defaultroute
    right=0.0.0.0
    leftsubnet=10.200.3.0/24
    rightsubnet=10.200.3.0/24
    authby=never
    type=passthrough
    auto=route

See also: /etc/ipsec.d/examples/hub-spoke.conf
Paul
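
Added example, not part of the original message or of Openswan: a check for the situation in this thread, where a tunnel's rightsubnet (10.0.0.0/8) contains its own leftsubnet (10.200.3.0/24) and no type=passthrough conn exempts local-to-local traffic. It assumes IPv4 subnets and the simple `conn` / `key=value` layout shown above; the function names are hypothetical.

```python
import ipaddress

# Constructed sample: the tunnel conn quoted above, then the passthrough conn from the reply.
TUNNEL = """conn VPNConn
    left=%defaultroute
    right=x.y.z.a
    leftsubnet=10.200.3.0/24
    rightsubnet=10.0.0.0/8
"""
PASSTHROUGH = """conn VPNConn-passthrough
    left=%defaultroute
    right=0.0.0.0
    leftsubnet=10.200.3.0/24
    rightsubnet=10.200.3.0/24
    authby=never
    type=passthrough
    auto=route
"""

def parse_conns(text):
    """Parse 'conn NAME' sections and their key=value lines (simplified layout)."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line.startswith("conn "):
            current = conns.setdefault(line.split(None, 1)[1], {})
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip()
    return conns

def net(conn, key):
    return ipaddress.ip_network(conn[key], strict=False) if key in conn else None

def unexempted_overlaps(conns):
    """Tunnel conns whose rightsubnet contains their leftsubnet with no passthrough exemption."""
    exempt = [net(c, "leftsubnet") for c in conns.values() if "leftsubnet" in c
              and c.get("type") == "passthrough" and c["leftsubnet"] == c.get("rightsubnet")]
    findings = []
    for name, c in conns.items():
        local, remote = net(c, "leftsubnet"), net(c, "rightsubnet")
        if c.get("type", "tunnel") != "tunnel" or local is None or remote is None:
            continue
        if local.subnet_of(remote) and not any(local.subnet_of(e) for e in exempt):
            findings.append(name)
    return findings

if __name__ == "__main__":
    print("tunnel only:", unexempted_overlaps(parse_conns(TUNNEL)))
    print("with passthrough:", unexempted_overlaps(parse_conns(TUNNEL + PASSTHROUGH)))
```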