[Openswan Users] Openswan with NETKEY and monitoring data

Mark Dalton mdalton at princeton.edu
Fri Apr 8 12:59:41 EDT 2011

On 04/08/2011 12:23 PM, Paul Wouters wrote:
> On Fri, 8 Apr 2011, Mark Dalton wrote:
>> I just need a pointer in the right direction, I am not sure why I needed
>> to have:
>>       leftsubnet=
>>     versus
>>       leftsubnet=
>>   >  They need to re-identify their permitted traffic (on Cisco it is
>>   >  done
>>   >  in the Crypto ACL) to allow any IP traffic to the mobile pool, not
>>   >  just one host. This is to mirror-reverse match what we have
>>   >  configured on our side -
>>   >
>>   >  IPSEC FLOW: permit ip
> Because they told you that their end is and your
> end is It's not openswan telling you something. It is the
> cisco people who are telling you to use that.
> Paul

I understand that they are telling me to do this.   However again.. Back
to the question..

Is there a way I can access the traffic on my side to see the src/dst for
each packet going to these devices.. or redirect all traffic from them
over a secondary ethernet and out to the internet?

I am more of a parallel programmer than a systems guy..


More information about the Users mailing list