[Openswan Users] Connecting to other machines in subnet

Willie Gillespie wgillespie+openswan at es2eng.com
Mon Feb 11 17:03:49 EST 2013

What you are talking about is doable, but I need to know a little more 
about your setup.

Do you still want an IPsec connection between site A and B with the SSH 
connection to machine C (which is at site B) inside of it?

Or do you want the SSH connection to go directly to machine C and not be 
encapsulated in the IPsec tunnel?

Is machine B the gateway for site B (and thus for machine C)?  Or does 
machine C have its own public IP address?

On 02/11/2013 02:40 PM, Durwin wrote:
> If you mean for me to get the ip addresses from tcpdump, I already know
> them.  For example. Site A machine has local ip a.a.a.a and ssh's to
> Site B (which is running VPN) like ssh user at b.b.b.b  I want it to go to
> c.c.c.c   What has me concerned is, if I forward port 22 to c.c.c.c,
> does the machine know how to return traffic with just that one iptables
> line?  Or do I need to add another line to tell c.c.c.c how to send
> traffic back to a.a.a.a?
> Thank you,
> Durwin
>> On 11 Feb 2013, at 20:02, Durwin wrote:
>>> I have VPN setup.  Works just fine.  However, it is desired to be able
>>> to connect to a specific machine (other then the one running VPN).  For
>>> example,  machine A at VPN location 1 needs to connect directly to
>>> machine C at VPN location 2.  Machine B is running VPN.  Is there a way?
>>> I am thinking iptables, but I only have a working knowlegde of it.
>>> Thank you,
>>> Durwin
>>> _______________________________________________
>>> Users at lists.openswan.org
>>> https://lists.openswan.org/mailman/listinfo/users
>>> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
>>> Building and Integrating Virtual Private Networks with Openswan:
>>> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>> Regards
>> Dan.
> Durwin F. De La Rue <thecajun at nmia.com>

More information about the Users mailing list