[Openswan Users] OpenSwan Issue
Luis Nagaki
luis.nagaki at gmail.com
Fri Jun 1 09:05:54 EDT 2012
Here is where I think I am having the issue. The tunnel is up, I HAVE
to use port forwarding, which I don't want to do on the client side, but
when I got this output, I forgot what command I did. But I noticed
something weird:
src 192.168.2.0/24 dst 10.1.0.0/16
    dir in priority 2600
    tmpl src 75.74.126.88 dst 75.149.188.21
        proto esp reqid 16385 mode tunnel
src 10.1.0.0/16 dst 192.168.2.0/24
    dir out priority 2600
    tmpl src 75.149.188.21 dst 75.74.126.88
        proto esp reqid 16385 mode tunnel
src 192.168.2.0/24 dst 10.1.0.0/16
    dir fwd priority 2600
    tmpl src 75.74.126.88 dst 75.149.188.21
        proto esp reqid 16385 mode tunnel

On client:

src 10.1.0.0/16 dst 192.168.2.0/24
    dir in priority 2352
    tmpl src 75.149.188.21 dst 192.168.2.6
        proto esp reqid 16385 mode tunnel
src 192.168.2.0/24 dst 10.1.0.0/16
    dir out priority 2352
    tmpl src 192.168.2.6 dst 75.149.188.21
        proto esp reqid 16385 mode tunnel
src 10.1.0.0/16 dst 192.168.2.0/24
    dir fwd priority 2352
    tmpl src 75.149.188.21 dst 192.168.2.6
        proto esp reqid 16385 mode tunnel

Noticed this below on the server side:
tmpl src 75.74.126.88 dst 75.149.188.21 for the server, so it's like the client
Below on client side:
tmpl src 75.149.188.21 dst 192.168.2.6

On Thu, May 31, 2012 at 5:21 PM, Willie Gillespie
<wgillespie+openswan at es2eng.com> wrote:
> See inline below.
>
>
> On 05/31/2012 11:31 AM, Luis Nagaki wrote:
>>
>> VPN Client behind a Dlink soho Home
>> Quote:
>> conn poller2
>> left=192.168.2.6
>> leftid=@server2
>> leftrsasigkey=0sAQOdr36..| (Removed to make it smaller)
>> leftnexthop=%defaultroute
>> right=PUBLIC IP OF VPN SERVER
>> rightid=@server1
>> rightrsasigkey=0sAQPUN/..| (Removed to make it smaller)
>> rightnexthop=%defaultroute
>> auto=add
>
>
> This looks fine. left is itself, right is the public IP of the server.
>
>
>
>> VPN Server directly connected to internet
>>
>> Quote:
>> conn central
>> left=PUBLIC IP of VPN Server
>> leftid=@server1
>> leftrsasigkey=0sAQPBY4LedS..| (Removed to make it smaller)
>> leftnexthop=%defaultroute
>> right=192.168.2.6
>> rightid=@server2
>> rightrsasigkey=0sAQOdr366h..| (Removed to make it smaller)
>> rightnexthop=External IP Of SOHO Device? or should i leave %defaultroute
>> auto=add
>
>
> This is what is probably causing you trouble.
> left is itself, which is fine.
> right should be the external IP of the client (SOHO device), since that is
> what the VPN server "sees" trying to connect to it.
>
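
The endpoint difference noted in this message, as an added example that is not part of the original post: a Python sketch that parses policy dumps in this format (it matches `ip xfrm policy` output) and compares each host's local tunnel endpoint with the address the other host has for it. The function names are hypothetical; the sample text is the two `dir out` policies quoted above.

```python
import ipaddress
# The two outbound policies quoted in the message above (server, then client).
SERVER = """\
src 10.1.0.0/16 dst 192.168.2.0/24
dir out priority 2600
tmpl src 75.149.188.21 dst 75.74.126.88
proto esp reqid 16385 mode tunnel
"""
CLIENT = """\
src 192.168.2.0/24 dst 10.1.0.0/16
dir out priority 2352
tmpl src 192.168.2.6 dst 75.149.188.21
proto esp reqid 16385 mode tunnel
"""

def parse_policies(text):
    """Parse xfrm policy text into dicts with selector, dir and tunnel endpoints."""
    policies, cur = [], None
    for line in text.splitlines():
        tok = line.split()
        if len(tok) >= 4 and tok[0] == "src" and tok[2] == "dst":
            cur = {"sel_src": tok[1], "sel_dst": tok[3]}
            policies.append(cur)
        elif cur is not None and len(tok) >= 2 and tok[0] == "dir":
            cur["dir"] = tok[1]
        elif cur is not None and len(tok) >= 5 and tok[:2] == ["tmpl", "src"]:
            cur["tmpl_src"], cur["tmpl_dst"] = tok[2], tok[4]
    return policies

def outbound_tunnel(text):
    """Return (local, peer) tunnel endpoints from the first 'dir out' policy."""
    for p in parse_policies(text):
        if p.get("dir") == "out" and "tmpl_src" in p:
            return p["tmpl_src"], p["tmpl_dst"]
    raise ValueError("no outbound tunnel policy found")

def nat_report(server_text, client_text):
    """List endpoint mismatches between the two hosts' views of the tunnel."""
    views = {"server": outbound_tunnel(server_text), "client": outbound_tunnel(client_text)}
    findings = []
    for host, other in (("client", "server"), ("server", "client")):
        local, seen = views[host][0], views[other][1]
        if local != seen:
            scope = "private" if ipaddress.ip_address(local).is_private else "public"
            findings.append(f"{host} uses {scope} {local}, {other} sees {seen}: NAT in path")
    return findings

if __name__ == "__main__":
    print("\n".join(nat_report(SERVER, CLIENT)) or "endpoints match on both sides")
```

The parser also accepts a full dump with `in`, `out` and `fwd` policies, indented or not; only the first `dir out` entry is used for the comparison.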