[Openswan Users] Openswan netkey
rwyatt at nvtl.com
Sat Nov 6 17:08:18 EDT 2010
You actually need to use iptables on the openswan box.
You need a rule similar to the following:
iptables -t nat -A POSTROUTING -s 192.168.1.0/24 ! -d 10.0.2.0/24 -j MASQUERADE
otherwise packets will be masqueraded.
From: users-bounces at openswan.org on behalf of Andris Lismanis
Sent: Wed 11/3/2010 10:36 AM
To: users at openswan.org
Subject: [Openswan Users] Openswan netkey
I'm trying to set up an Openswan IPsec VPN. My setup is NATed at both ends as follows:
192.168.1.0/24 lan ----- 192.168.1.200 (openswan)--adsl (nat-t)------internet------(nat-t)adsl----10.0.2.15(openswan) rw
I have managed to successfully establish a tunnel between the NATed gateway and NATed roadwarrior. The problem I have is that I cannot ping each other or the subnet from rw. I don't use any iptables or any other firewall software on gateway. The only ports open on ADSL router are 500 and 4500 (UDP).
I have searched around Google for various examples but haven't come across anything that works. Can someone please advise?
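An added example, not part of the original thread: a first-match evaluator for nat POSTROUTING rules in `iptables -S` form, showing that the rule from the reply leaves LAN traffic to 10.0.2.0/24 un-NATed while a blanket MASQUERADE rule rewrites it. The blanket rule and the host addresses are constructed for contrast; matches other than `-s`/`-d` are ignored and every target is treated as terminating, which are simplifying assumptions.

```python
import ipaddress
import shlex

# Constructed for contrast: masquerades everything leaving the LAN.
BLANKET = ["-A POSTROUTING -s 192.168.1.0/24 -j MASQUERADE"]
# The rule from the reply: masquerade unless the destination is the tunnel peer net.
EXEMPT = ["-A POSTROUTING -s 192.168.1.0/24 ! -d 10.0.2.0/24 -j MASQUERADE"]

def parse_rule(line):
    """Extract -s / -d matches (with '!' negation) and the -j target."""
    rule = {"src": None, "dst": None, "target": None}
    tokens = shlex.split(line)
    negate = False
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        if tok == "!":
            negate = True
        elif tok in ("-s", "-d"):
            net = ipaddress.ip_network(tokens[i + 1], strict=False)
            rule["src" if tok == "-s" else "dst"] = (net, negate)
            negate = False
            i += 1
        elif tok == "-j":
            rule["target"] = tokens[i + 1]
            i += 1
        else:
            negate = False  # '!' applied to a match this sketch ignores
        i += 1
    return rule

def _matches(match, addr):
    if match is None:          # no -s / -d given: matches any address
        return True
    net, negated = match
    return (addr in net) != negated

def nat_verdict(rules, src, dst):
    """Target of the first rule matching src -> dst, or None if no rule matches."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for line in rules:
        r = parse_rule(line)
        if _matches(r["src"], s) and _matches(r["dst"], d):
            return r["target"]
    return None

if __name__ == "__main__":
    for name, rules in (("blanket", BLANKET), ("exempt", EXEMPT)):
        print(name, nat_verdict(rules, "192.168.1.10", "10.0.2.15"))
```

To audit a live gateway, pass the lines printed by `iptables -t nat -S POSTROUTING` as `rules`.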