[Openswan Users] EC2 and Openswan
Mir Islam
mislam at mirislam.com
Wed Nov 23 18:03:32 EST 2011
Hi Paul, thanks for that guide. I have leftsourceip in my config (and also in the original email). The only difference is that it is not an elastic IP, but rather the public IP that Amazon assigns to each instance. I did not add that IP as a virtual interface to eth0 though, since I have a newer OpenSwan (openswan-2.6.32-1.9.amzn1.x86_64) installed.

Thanks.
Mir.

conn sonicwall
    leftsubnet=172.25.1.0/24
    left=%defaultroute
    forceencaps=yes
    leftsourceip=50.19.X.X
    right=99.22.X.X
    rightsubnet=172.29.0.0/16
    keyingtries=0
    pfs=no
    aggrmode=no
    auto=add
    auth=esp
    ike=aes-256-sha1
    esp=aes-256-sha1
    authby=secret

On Nov 23, 2011, at 2:47 PM, Paul Wouters wrote:
> On Wed, 23 Nov 2011, Mir Islam wrote:
>
>> Hi, I have an instance on Amazon EC2 and can connect to a remote Sonicwall VPN server. I can ping the IP address of the assigned internal network of EC2 from the remote server. However, I cannot reach the remote subnet from the EC2 instance. I suspect a routing issue. But when I used tcpdump to see what's going on while pinging the remote VPN's internal IP, this is what I see:
>
> Did you forget leftsourceip= ?
>
> See https://gsoc.xelerance.com/projects/openswan/wiki/Amazon_EC2_example
>
> Paul