[Openswan Users] Routing with virtual network
Mike James
mike.james at clutch.com
Tue Jan 21 20:43:38 EST 2014
OK, I accept that. So, I get the remote users to change their networks.
Then I probably don’t have to hand out 192.168.30.0/24 network addresses
either. That was part of the idea that I had to prevent network collisions.
--
Michael James
Sr. Network Engineer
267-419-6400, x204
mike.james at clutch.com
The Premiere loyalty, rewards, and gifting platform
for consumer-focused brands and retailers.
On 1/21/14, 5:54 PM, "Simon Deziel" <simon at xelerance.com> wrote:
>On 14-01-21 05:22 PM, Mike James wrote:
>> Apparently not *all* hope is lost :) I¹m not sure if OpenSWAN can do it,
>
>Sure this source *and* destination NAT'ing is possible with iptables
>trickery on both sides. Heaving NAT'ing doesn't mix well with hope though
>;)
>
>Since it needs to happen on both sides, this "solution" isn't very home
>user friendly, IMHO.
>
>> but Cisco have a doc -
>>
>>http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_ex
>>am
>> ple09186a00800b07ed.shtml
>
>This page also warns about how confusing this setup is:
>
>> Note: This configuration is not recommended as a permanent setup
>> because it would be confusing from a network management standpoint.
>
>Since home network gear generally uses 192.168.0.0/24 or 192.168.1.0/24
>I would assume that not many users have an IP collision with your office
>network. If that's the case it would probably be easier to make the IP
>change on the client side.
>
>Good luck,
>Simon
>_______________________________________________
>Users at lists.openswan.org
>https://lists.openswan.org/mailman/listinfo/users
>Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
>Building and Integrating Virtual Private Networks with Openswan:
>http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list