I'm trying to setup an ipsec tunnel from my laptop (linux) to my server at
home (linux). I was able to configure freeswan and get a tunnel up and
running between the two, but actually communicating with my server or with
any of the clients behind it through that tunnel is something of a problem.
All of the clients that I'm trying to communicate are using reserved ip
addresses and are behind the linux server which is provinding NAT
translation as well as firewalling.
It looks like my server is either dropping packets from my laptop or I need
to establish some additional routing routing (I think).
My config looks something like this..
leftid=@servername
left=publicip addr
leftsubnet=10.0.0.0/24
leftfirewall=yes
right=%any
rightid=@laptop.servername
auto=add
I log all dropped packets on the server, and I don't see anything being
dropped by the firewall, so I'm assuming it's a routing or reverse-nat
problem.
A tcpdump on my laptop shows pings heading out of the ipsec0 interface
to a 10.0.0.x address. (Which is what I intended to do).
Do I need to establish some sort of reverse nat translation in order to
translate public ip addresses arriving through the ipsec tunnel into
10.0.0.x addresses? I spent quite a bit of time going through the
documentation on the website, but I didn't see anything that pointed to
a problem like this - other than the firewall might be causing a problem
(which I'm fairly certain it is not).
Any ideas anyone has would be appreciated.
Thanks, and take it easy,
Charles Mauch <xterminus_at_myrealbox.com>
Please encrypt personal email with GnuGP.
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:23 CEST