[Openswan Users] Openswan netkey
Randy Wyatt
rwyatt at nvtl.com
Sat Nov 6 17:08:18 EDT 2010
Hi,
You actually need to use iptables on the openswan box.
You need a rule similar to the following
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 ! -d 10.0.2.0/24 -j MASQUERADE
otherwise packets will be masqueraded.
Regards,
Randy
-----Original Message-----
From: users-bounces at openswan.org on behalf of Andris Lismanis
Sent: Wed 11/3/2010 10:36 AM
To: users at openswan.org
Subject: [Openswan Users] Openswan netkey
Hi,
I'm trying to set up an Openswan IPsec VPN. My setup is NATed at both ends as follows:
192.168.1.0/24 lan ----- 192.168.1.200 (openswan)--adsl (nat-t)------internet------(nat-t)adsl----10.0.2.15(openswan) rw
I have managed to successfully establish a tunnel between the NATed gateway and NATed roadwarrior. The problem I have is that I cannot ping each other or the subnet from rw. I don't use any iptables or any other firewall software on gateway. The only ports open on ADSL router are 500 and 4500 (UDP).
I have searched around Google for various examples but haven't come across anything that works. Can someone please advise?
Thanks,
Andris
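
An added example, not part of the original thread or of Openswan: a small audit of the nat POSTROUTING chain that reports the first MASQUERADE/SNAT rule that would still rewrite LAN traffic bound for the remote side of the tunnel. The function names and the sample rule listings are constructed for illustration; the subnets are the ones from the messages above.

```python
import ipaddress
import shlex

# Constructed samples in the format printed by `iptables -t nat -S POSTROUTING`.
SAMPLE_BAD = "-P POSTROUTING ACCEPT\n-A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE\n"
SAMPLE_GOOD = ("-P POSTROUTING ACCEPT\n"
               "-A POSTROUTING -s 192.168.1.0/24 ! -d 10.0.2.0/24 -j MASQUERADE\n")
SAMPLE_ACCEPT_FIRST = ("-A POSTROUTING -s 192.168.1.0/24 -d 10.0.2.0/24 -j ACCEPT\n"
                       "-A POSTROUTING -o eth0 -j MASQUERADE\n")

def parse_rule(line):
    """Parse one '-A POSTROUTING ...' line; other lines (e.g. '-P') give None."""
    tok = shlex.split(line)
    if tok[:2] != ["-A", "POSTROUTING"]:
        return None
    rule = {"-s": (None, False), "-d": (None, False), "-j": None}
    neg = False  # True when the previous token was '!' (iptables -S puts it first)
    for i, t in enumerate(tok[:-1]):
        if t in ("-s", "-d"):
            rule[t] = (ipaddress.ip_network(tok[i + 1], strict=False), neg)
        elif t == "-j":
            rule[t] = tok[i + 1]
        neg = (t == "!")
    return rule

def some_match(spec, neg, net):
    """Could at least one address in net satisfy this -s/-d match?"""
    if spec is None:
        return True
    return (not net.subnet_of(spec)) if neg else spec.overlaps(net)

def all_match(spec, neg, net):
    """Does every address in net satisfy this -s/-d match?"""
    if spec is None:
        return True
    return (not spec.overlaps(net)) if neg else net.subnet_of(spec)

def nat_hits_tunnel(rules_text, lan, remote):
    """Return the first NAT rule that catches lan -> remote traffic, or None."""
    lan, remote = ipaddress.ip_network(lan), ipaddress.ip_network(remote)
    for line in rules_text.splitlines():
        r = parse_rule(line)
        if r is None:
            continue
        (s, sneg), (d, dneg) = r["-s"], r["-d"]
        if r["-j"] in ("ACCEPT", "RETURN") and all_match(s, sneg, lan) and all_match(d, dneg, remote):
            return None  # tunnel traffic leaves the chain before any NAT rule
        if r["-j"] in ("MASQUERADE", "SNAT") and some_match(s, sneg, lan) and some_match(d, dneg, remote):
            return line
    return None
```

On a live gateway the text to pass in is the output of `iptables -t nat -S POSTROUTING`; only -s, -d and -j are evaluated, so interface or mark matches are ignored.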