[Openswan Users] Routing through tunnel

Diego Spinola Castro spinolacastro at gmail.com
Thu Jul 30 13:35:15 EDT 2015


Hello, I'm having a hard time getting my IPsec setup working.

My setup looks like this:
http://wiki.mikrotik.com/wiki/Routing_through_remote_network_over_IPsec

SiteA and SiteB already communicate in both directions, but I need siteA
to use siteB as its default gateway, and that is my problem. I can see the
packets arriving on routerB but it doesn't route them to the internet, so I
believe something is missing. Here is my conf:


config setup
   # Debug-logging controls:  "none" for (almost) none, "all" for lots.
   # klipsdebug=none
   # plutodebug="control parsing"
   # For Red Hat Enterprise Linux and Fedora, leave protostack=netkey
   protostack=netkey
   nat_traversal=yes
   oe=off
   # Enable this if you see "failed to find any available worker"
   # nhelpers=0

conn clar
   type=tunnel
   authby=secret
   auth=esp
   pfs=no
   compress=no
   esp=3des-sha1
   ike=3des-sha1;modp1024
   auto=start
   left=%defaultroute
   leftid=100.100.10.1
   leftnexthop=%defaultroute
   leftsubnet=172.28.1.0/24
   right=100.200.30.1
   rightsubnets={0.0.0.0/0, 172.19.16.48/29, 10.150.128.0/17}


Hope you can help.