[Openswan Users] Assigned IP not Reflected in Connections to Other Resources

[Patrick Naubert]

Rescued from the spam bucket.  Please remember to subscribe to the mailing list before posting to it.


> From: Jeremy <coughlin.jeremy at gmail.com>
> Subject: Assigned IP not Reflected in Connections to Other Resources
> Date: June 21, 2016 at 11:24:58 AM EDT
> To: users at lists.openswan.org
> 
> 
> Hey All, 
> 
> Setup an l2tp server using xl2tpd and openswan. Pretty good results so far, but I noticed when connecting to other resources, all of the traffic on the other side of the tunnel is logged as the ipsec host's ip (10.0.0.49), and not the IP assigned to me by the server (in this instance 10.0.102.10). So when I ssh into resources, it lists my connection as having come from 10.0.0.49 etc. Below is my ipsec and xl2tpd config. Any advice? I'm guessing this has nothing to do with openswan and more to do with transforming the traffic as it exits the tunnel and moves to the lan, but figured I'd ask you guys. 
> 
> -Jeremy
> 
> conn shared
>   left=10.0.0.49
>   leftid=xxx.xxx.xxx.xxx
>   right=%any
>   forceencaps=yes
>   authby=secret
>   pfs=no
>   rekey=no
>   keyingtries=5
>   dpddelay=30
>   dpdtimeout=120
>   dpdaction=clear
>   ike=3des-sha1,aes-sha1
>   phase2alg=3des-sha1,aes-sha1
> 
> conn l2tp-psk
>   auto=add
>   leftsubnet=10.0.0.49/32 <http://10.0.0.49/32>
>   leftnexthop=%defaultroute
>   leftprotoport=17/1701
>   rightprotoport=17/%any
>   type=transport
>   auth=esp
>   also=shared
> 
> 
> [global]
> port = 1701
> 
> [lns default]
> ip range = 10.0.102.10-10.0.102.250
> local ip = 10.0.102.1
> require chap = yes
> refuse pap = yes
> require authentication = yes
> name = l2tpd
> pppoptfile = /etc/ppp/options.xl2tpd
> length bit = yes
> 
> 
> 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20160622/a430d2c2/attachment.html>