[Openswan Users] Public subnet extrusion
Niccolò Belli
darkbasic at linuxsystems.it
Thu Feb 23 19:17:39 EST 2012
Hi,
Host A is a server with a 5.5.5.0/24 public subnet, host B is a
roadwarrior (dynamic ip, nat).
I want to give a public ip to the roadwarrior (let's say 5.5.5.100).
The roadwarrior's internal ip is in the 192.168.20.0/24 range (let's say
192.168.20.150).
Server (A) ipsec.conf:
nat_traversal=yes
conn server-roadwarrior
authby=rsasig
left=5.5.5.1
leftsubnet=0.0.0.0/0
leftrsasigkey=...
right=%any
rightsubnet=5.5.5.100/32
rightid=@laptop
rightrsasigkey=...
type=tunnel
auto=add
Roadbarrior (B) ipsec.conf
nat_traversal=yes
conn roadwarrior-server
authby=rsasig
left=%defaultroute
leftsubnet=5.5.5.100/32
#leftsourceip=5.5.5.100
leftid=@laptop
leftrsasigkey=...
right=5.5.5.1
rightsubnet=0.0.0.0/0
rightrsasigkey=...
type=tunnel
auto=start
I can ping 5.5.5.100 from server A but the roadwarrior can't reach
server A. I can surf the web but it doesn't tunnel the traffic at all
(IP isn't 5.5.5.100). I tried adding leftsourceip=5.5.5.100 in the
roadwarrior but I can't even reach server A to establish the vpn
connection such a way!
Niccolò
More information about the Users
mailing list