Re: [Users] Wildcards in left/rightsubnet=, roadwarior behind DHCP enabled DSLrouter.

• Next message: Joe Patterson: "RE: [Users] linux - cisco problem"
• Previous message: Kuba Leszewski: "[Users] linux - cisco problem"
• In reply to: Andreas Steffen: "Re: [Users] Wildcards in left/rightsubnet=, roadwarior behind DHCP enabled DSLrouter."
• Next in thread: Jordan Share: "RE: [Users] Wildcards in left/rightsubnet=, roadwarior behind DHCP enabled DSLrouter."
• Reply: Jordan Share: "RE: [Users] Wildcards in left/rightsubnet=, roadwarior behind DHCP enabled DSLrouter."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Andreas,
        Lynksys DSL router acts as a DHCP server, and gives IPs in the
range 192.168.10/24. Even worse it may assign different IP to a client
which was just a few hours off the internal network.
        But with the "leftsubnetwithin" option of the X.509 patch, it
would definitely be possible to solve my problem. I'm looking forward to
test the new version of the patch.

        Thanks a lot for your help,
                Dmitriy

On Fri, 31 May 2002, Andreas Steffen wrote:
> Hi,
>
> since the Linksys DSL router gets a quasi-static external IP address
> assigned by your ISP, why can't you just give your Win2k box a fixed IP
> e.g. 192.168.0.1 ? Then you could configure in ipsec.conf
>
> conn rw
> left=%any
> leftsubnet=192.168.0.1
> auto=add
>
> Or does the Linksys DSL router act as a DHCP server for your Win2k box
> and you are limited to the possibility to restrict the range of the
> dynamic address pool on the Linksys box to e.g. 192.168.1.0/24?
> Then with the new version 0.9.12 of the X.509 patch which will be
> released most probaly today you will be able to define
>
> conn rw
> left=%any
> leftsubnetwithin=192.168.1.0/24
> auto=add
>
> FreeS/WAN will then accept (of course after successful authentication
> on the basis of the peer certificate, only) any peer having an inner IP
> address or a subnet contained within the wildcard bracket 192.168.1.0/24.
>
> Regards
>
> Andreas
>
> Dmitriy Bondar wrote:
> >
> > I have Linksys DSL router at home which does NAT with IPsec passthrough.
> > My external IP is different from internal NATed private IP. I need to
> > establish a connection between a Win2K computer at home and FreeSWAN
> > enabled gateway at work. I can easily put left=%any for my home computer
> > but this does not solve the major problem. While my external DSL IP rarely
> > changes (if at all), my internal IP is different anytime I turn my
> > computer on.
> >
> > I couldn't find a way to specify in ipsec.conf to accept any subnets from
> > a roadwarior. Anyone can help me here?
> >
> > Thanks,
> > Dmitriy
>
> ======================================================================
> Andreas Steffen e-mail: andreas.steffen_at_strongsec.com
> strongSec GmbH phone: +41 76 340 25 56
> Alter ZЭrichweg 20 home: http://www.strongsec.com
> CH-8952 Schlieren (Switzerland)
> ==========================================[strong internet security]==
>

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

• Next message: Joe Patterson: "RE: [Users] linux - cisco problem"
• Previous message: Kuba Leszewski: "[Users] linux - cisco problem"
• In reply to: Andreas Steffen: "Re: [Users] Wildcards in left/rightsubnet=, roadwarior behind DHCP enabled DSLrouter."
• Next in thread: Jordan Share: "RE: [Users] Wildcards in left/rightsubnet=, roadwarior behind DHCP enabled DSLrouter."
• Reply: Jordan Share: "RE: [Users] Wildcards in left/rightsubnet=, roadwarior behind DHCP enabled DSLrouter."
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:09 CEST