[Openswan Users] Ports used by Openswan and enable internet browsing from clients

Willie Gillespie wgillespie+openswan at es2eng.com
Tue Jan 25 10:39:59 EST 2011


When your clients connect in using L2TP, they are given an IP address.
From one of your earlier mails, you are giving them an IP in the range
of 192.168.1.128 - 192.168.1.254.

Do you have IP forwarding enabled?  Somehow those IP addresses need to 
be able to access your gateway.

On 01/24/2011 11:26 PM, Mateen Fugawala wrote:
> I have disabled IPTABLES as I don’t really need them. Any other options?
>
> *From:*Indunil Jayasooriya [mailto:indunil75 at gmail.com]
> *Sent:* Tuesday, January 25, 2011 11:45 AM
> *To:* Mateen Fugawala
> *Cc:* Paul Wouters; Willie Gillespie; users at openswan.org
> *Subject:* Re: [Openswan Users] Ports used by Openswan and enable
> internet browsing from clients
>
> On Tue, Jan 25, 2011 at 11:32 AM, Mateen Fugawala
> <mateen.fugawala at hotmail.com> wrote:
>
> How do I get my clients to the internet when connected to the VPN? I believe
> that is disabled by default?
>
>
> Below rules will do the job.
>
> *DSTVPNNETWORK/16* is the network you access through VPN tunnel. This
> rule should be placed first.
>
> iptables -t nat -A POSTROUTING -o eth1 -d DSTVPNNETWORK/16 -j ACCEPT
>
>
> Then,
>
> iptables -t nat -A POSTROUTING -o eth1 -s YOURLAN/24 -j SNAT --to-source extipofvpngateway
>
> Pls replace *YOURLAN/24* and *extipofvpngateway* with yours. Pls also
> note *eth1* is connected to the internet. Pls replace with yours and be
> happy. If u r happy, I will rejoice it.
>
> --
> Thank you
> Indunil Jayasooriya
>
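
Added example, not part of the original thread: a shell check for the two conditions raised above, that IPv4 forwarding is enabled on the gateway and that the tunnel-exemption ACCEPT rule sits ahead of the SNAT rule in the nat POSTROUTING chain. The networks 10.0.0.0/16 and 192.168.1.0/24, the address 203.0.113.10 and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example. Networks, addresses and function names are constructed.

# Succeeds if IPv4 forwarding is on. $1 overrides the proc path (for testing).
ip_forward_enabled() {
    f="${1:-/proc/sys/net/ipv4/ip_forward}"
    [ -r "$f" ] && [ "$(cat "$f")" = "1" ]
}

# Reads `iptables -t nat -S POSTROUTING` output on stdin.
# Exit 0: an ACCEPT rule for destination $1 precedes the first SNAT/MASQUERADE.
# Exit 1: tunnel traffic would reach the NAT rule first (or has no exemption).
# Exit 2: the chain has no SNAT/MASQUERADE rule at all.
nat_order_ok() {
    awk -v net="$1" '
        $1 != "-A" { next }
        {
            dst = ""; tgt = ""
            for (i = 1; i < NF; i++) {
                if ($i == "-d") dst = $(i + 1)
                if ($i == "-j") tgt = $(i + 1)
            }
            if (tgt == "ACCEPT" && dst == net && !nat) exempt = 1
            if (tgt == "SNAT" || tgt == "MASQUERADE") nat = 1
        }
        END { if (!nat) exit 2; exit (exempt ? 0 : 1) }
    '
}

# Constructed rule listings in `iptables -S` format.
SAMPLE_GOOD='-P POSTROUTING ACCEPT
-A POSTROUTING -d 10.0.0.0/16 -o eth1 -j ACCEPT
-A POSTROUTING -s 192.168.1.0/24 -o eth1 -j SNAT --to-source 203.0.113.10'
SAMPLE_BAD='-P POSTROUTING ACCEPT
-A POSTROUTING -s 192.168.1.0/24 -o eth1 -j SNAT --to-source 203.0.113.10
-A POSTROUTING -d 10.0.0.0/16 -o eth1 -j ACCEPT'

for name in GOOD BAD; do
    eval "rules=\$SAMPLE_$name"
    rc=0
    printf '%s\n' "$rules" | nat_order_ok 10.0.0.0/16 || rc=$?
    echo "sample $name: nat_order_ok exit $rc"
done
# Live use (as root): iptables -t nat -S POSTROUTING | nat_order_ok <remote-net>
```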

