I'm running ipsec connections from machine to machine (xp to xp & xp to
linux) within my private network. This works fine, but now I want the
machines to connect to the internet using nat on a gateway machine. The
packets seem to get out to the internet, however when they return to the
gateway, they do not return to the originating host.
My linux gateway (nat machine) uses a preshared key and is configured as
follows:
conn home
    authby=secret
    left=10.10.19.1
    leftid=@ns.home.local
    right=%any
    auto=add
    keyingtries=1
Once again, the private network ipsec connections have no problem connecting
to this gateway. But internet traffic does not get returned to the
originating host.
I've read several things reporting that ipsec has a problem when outside of
the nat'd network because of the change of the packet header. The
suggestions are always to run the ipsec behind the nat. This is fine, but
the machines connect to the gateway using ipsec also.
I've tried several things like changing the source addresses and such using
iptables. I've also been playing with iproute2, but to no avail.
If anyone has had experience in this area, I would appreciate some direction
and/or ideas.
Thanks,
Glen
-If you're too open minded, your brains will fall out.
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:19:57 CEST