[Openswan Users] network changes - static NAT to private IP, what now?

Patrick Naubert patrickn at xelerance.com
Fri May 17 19:55:26 UTC 2013

Rescued from the Spam bucket.  Please remember to subscribe to the mailing list before posting to it.

From: "Sven J. van Rooij" <sven at vee-r.com>
Subject: network changes - static NAT to private IP, what now?
Date: 17 May, 2013 2:53:30 PM EDT
To: "users at openswan.org" <users at openswan.org>

Hello all…
We are “upgrading” our network and are getting dual T1 lines. However, besides new IPs, the provider also has us on a firewalled network with private IPs now (10.16.x.x)
Other than that, nothing changes and I would like to keep the current setup in place as is.
I already requested to have the IP for our Clark connect firewall NATd, so I do have one static public IP with static 1-1 NAT for it.
Looking at my tunnel definition files though, I wonder, what do I use for my left and leftnexthop and what do I tell my partner networks to use on the other end of the tunnel.
Do I use both my private IPs or do I use the public (NATd IP) as my left and the leftnexthop is my private IP gateway?
Can one do that? Or do I need another NATd public IP for my gateway address as well?
What info does the other side use? Public IP for the endpoint and private IP for the next hop??
Any advice will be highly appreciated.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20130517/9ae19245/attachment.html>

More information about the Users mailing list