[Openswan Users] openswan 2.6.37.3 FC 17

Anthony Ppar rapponcape at gmail.com
Sat Aug 25 14:14:17 EDT 2012


Linux FC17 machine connecting to Sonicwall NSA 3500 using ipsec tunnel mode and
XAUTH.

Current configuration works and I can see and connect to the remote network
resources. However, when I connect to a remote resource, such as 192.168.20.10,
I can see that my IP address is 192.168.1.9.

Instead of this 1.9 source address, I need my source to be something in the 20.x
range.

I have DHCP enabled on SonicWall and when my Windows users connect using the
Sonicwall GVC client, they obtain an address via DHCP and are assigned one from
the 20.x pool. How can I reconfigure my connection from the FC Linux box so I am
assigned a 20.x address for the tunnel link?

Thanks for any assistance you can provide.

Here's my current config.

config setup
	# Debug-logging controls:  "none" for (almost) none, "all" for lots.
	# klipsdebug=all
	#plutodebug="control parsing"
	plutodebug="all"
	# For Red Hat Enterprise Linux and Fedora, leave protostack=netkey
	protostack=netkey
#	protostack=klips
	nat_traversal=yes
	oe=off
	# Enable this if you see "failed to find any available worker"
	nhelpers=0

conn sonicwall
     type=tunnel
     left=192.168.1.9
     leftsubnet=192.168.1.0/24
     leftid=@GroupVPN
     leftxauthclient=yes
     right=123.123.123.254
     rightsubnet=192.168.20.0/24
     rightid=@0012X00012B3
     rightxauthserver=yes
     keyingtries=0
     pfs=no
     auto=add
     auth=esp
     esp=3DES-SHA1
     ike=3des-sha1-modp1024
     authby=secret
     aggrmode=yes
     keyexchange=ike




