[Openswan Users] Openswan with NETKEY and monitoring data

Paul Wouters paul at xelerance.com
Fri Apr 8 12:23:35 EDT 2011

On Fri, 8 Apr 2011, Mark Dalton wrote:

> I just need a pointer in the right direction, I am not sure why I needed 
> to have:
>      leftsubnet=
>    versus
>      leftsubnet=

>  > They need to re-identify their permitted traffic (on Cisco it is
>  > done
>  > in the Crypto ACL) to allow any IP traffic to the mobile pool, not
>  > just one host. This is to mirror-reverse match what we have
>  > configured on our side -
>  >
>  > IPSEC FLOW: permit ip

Because they told you that their end is and your
end is It's not openswan telling you something. It is the
cisco people who are telling you to use that.


More information about the Users mailing list