[Openswan Users] Site-to-site + OpenVPN

Damir Reic dreic at email.t-com.hr
Mon May 13 15:26:02 UTC 2013



> -----Original Message-----
> From: Simon Deziel [mailto:simon at xelerance.com]
> Sent: Monday, May 13, 2013 5:19 PM
> To: Damir Reic
> Cc: users at lists.openswan.org
> Subject: Re: [Openswan Users] Site-to-site + OpenVPN
> 
> On 13-05-13 11:17 AM, Damir Reic wrote:
> >>> I have 2 OpenVPN services on the end server bound to the WAN IP. Ports used
> >>> are TCP 443 and UDP 1194. I have iptables rules to forward requests on some
> >>> other ports (TCP 80, UDP 443, UDP 80, UDP 4500, UDP 5632) to one
> >>> of those 2 configured ports. That is working fine. Now I established
> >>> a site-to-site VPN over Openswan in tunnel mode between the 1st server and
> >>> the end server.
> >>
> >> If your OpenVPN session is already running over an IPsec tunnel I
> >> think the rest of the discussion should be moved to the OpenVPN
> >> mailing list [1].
> >
> > OpenVPN is not running over IPsec yet because I don't know how I can
> > tell the 1st server to push traffic destined for OpenVPN through the IPsec
> > tunnel.
> 
> Your OpenVPN connection isn't established?

No, it is not.

iptables -t nat -A PREROUTING -p udp -d 1.1.1.1 --dport 1191 -j REDIRECT
(missing the rest of the rule)

Now I don't know how to push this traffic inside the tunnel (I don't even know
if it is possible with iptables). 1.1.1.1 is, let's say, the 1st server; 2.2.2.2 is
the server on the other end of the tunnel, on which OpenVPN is.


