[Openswan Users] Gateway to gateway without router in one endpoint?
alonso.manilla at gmail.com
Mon Jun 10 14:09:16 UTC 2013
This maybe help you
I used this for route:
ip route add 220.127.116.11/16 via 18.104.22.168 dev eth0 proto static src
This is my iptables-save result:
:PREROUTING ACCEPT [7890242:571675663]
:INPUT ACCEPT [7207255:467688388]
:OUTPUT ACCEPT [1540066:101645951]
:POSTROUTING ACCEPT [1540060:101645591]
-A POSTROUTING -p tcp -m tcp --tcp-flags SYN,RST SYN -j TCPMSS
-A POSTROUTING -s 22.214.171.124/32 -d 172.22.11.10/32 -o eth0 -j MASQUERADE
-A POSTROUTING -s 126.96.36.199/16 -d 172.22.11.10/32 -o eth0 -j MASQUERADE
check this link:
I had problem with packages and here help me to solve
2013/6/8 Jose M <soloninguno at hotmail.com>
> Thanks Alonso!
> Could you give me some hints how to create routes and iptables to get this
> From: alonso.manilla at gmail.com
> Date: Fri, 7 Jun 2013 17:07:34 -0500
> Subject: Re: [Openswan Users] Gateway to gateway without router in one
> To: soloninguno at hotmail.com
> CC: users at lists.openswan.org
> It's possible to create virtual nics.
> Use #:
> ifconfig eth0:1 192.168.1.5 netmask 255.255.255.0
> to make it permanent change the /etc/network/interfaces file.
> then you need to create a route to send all packets from vpn to the new ip
> address, also need to check your iptables.
> Good luck.
> Alonso Manilla
> 2013/6/7 Jose M <soloninguno at hotmail.com>
> I need to create an ipsec vpn between an internal network behind a cisco
> router and an ubuntu server in the outside that is directly connected to
> the web (no router here).
> Right now I've test openswan to create a client to gateway vpn an works as
> expected. Unforunately with this configuration I don't have two way
> traffic, the client sees the internal network, but the network can't see
> the client.
> My knowledge of networks isn't the best, so I need to ask, is it possible
> to create some kind of virtual nics in ubuntu client server to simulate a
> gateway and an internal network (with only one machine) in this endpoint,
> so the machines in the internal network can see this client?
> Thanks in advance!
> Users at lists.openswan.org
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users