[Openswan Users] natted ipsec/l2tp

Willie Gillespie wgillespie+openswan at es2eng.com
Tue Aug 14 20:35:41 EDT 2012

On 8/14/2012 11:26 AM, Jeroen Beerstra wrote:
> The problem is that with leftsubnet=[my cable inet ip]/32 Ipsec works
> but the wrong xfrm rules are added. That is [my cable inet ip] -> [our
> work inet ip] and vice versa and not [my internal lan ip] -> [our work
> inet ip]. So xl2tpd traffic ends up being send unencrypted to our work
> ip and not via the ipsec tunnel.

Try left=[your cable inet ip]
and leftsubnet=[your internal lan ip]/32

More information about the Users mailing list