[Openswan Users] Routing with virtual network

Mike James mike.james at clutch.com
Tue Jan 21 20:43:38 EST 2014


OK, I accept that. So, I get the remote users to change their networks.
Then I probably don’t have to hand out 192.168.30.0/24 network addresses
either. That was part of the idea that I had to prevent network collisions.
-- 
    Michael James
Sr. Network Engineer
      267-419-6400, x204
      mike.james at clutch.com
    
    
    The Premiere loyalty, rewards, and gifting platform
    for consumer-focused brands and retailers.
  





On 1/21/14, 5:54 PM, "Simon Deziel" <simon at xelerance.com> wrote:

>On 14-01-21 05:22 PM, Mike James wrote:
>> Apparently not *all* hope is lost :) I¹m not sure if OpenSWAN can do it,
>
>Sure this source *and* destination NAT'ing is possible with iptables
>trickery on both sides. Heaving NAT'ing doesn't mix well with hope though
>;)
>
>Since it needs to happen on both sides, this "solution" isn't very home
>user friendly, IMHO.
>
>> but Cisco have a doc -
>> 
>>http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_ex
>>am
>> ple09186a00800b07ed.shtml
>
>This page also warns about how confusing this setup is:
>
>> Note: This configuration is not recommended as a permanent setup
>> because it would be confusing from a network management standpoint.
>
>Since home network gear generally uses 192.168.0.0/24 or 192.168.1.0/24
>I would assume that not many users have an IP collision with your office
>network. If that's the case it would probably be easier to make the IP
>change on the client side.
>
>Good luck,
>Simon
>_______________________________________________
>Users at lists.openswan.org
>https://lists.openswan.org/mailman/listinfo/users
>Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
>Building and Integrating Virtual Private Networks with Openswan:
>http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155



More information about the Users mailing list