IPv6 readyNote: This archive passes through spamassassin. Every mail marked with the subject "*****SPAM*****" has exceed a certain threshold of spam-like behaviour.

[Users] Internet traffic unencrypted

From: Adrian Blockus (ablockus_at_gmx.net)
Date: Thu Jul 18 2002 - 10:05:29 CEST

Hi,

my setup is the following:

1xx.xx.137.80/28 <--Subnet
            ||
            ||
            ||
1xx.xx.137.86 <-------frees/wan eth0
            |
1xx.xx.137.10 <-------frees/wan eth1
            |
            |
            |
1xx.xx.137.0/24 <----private LAN
            |
            |
1xx.xx.137.250 <---Internet gateway

I want to secure all traffic between the subnet and the private LAN. At the moment only the packets which are destined for the private LAN are encrypted. But I want the internet traffic from the subnet to be encrypted, too.

I use the following connection definitions:

conn subnet
 right=%any
 left=1xx.xx.137.86
 leftca="C=DE, S=State, L=Hannover, O=UNI, OU=ISDE, CN=CA, Email=CA_at_isde.de"
 network=auto
 auto=start
 pfs=yes

conn subnet-net
 right=%any
 left=1xx.xx.137.86
 leftsubnet=1xx.xx.137.0/24
 leftca="C=DE,S=State,L=Hannover,O=UNI,OU=ISDE,CN=CA,Email=CA_at_isde.de"
 network=auto
 auto=start
 pfs=yes

Do I need another definition for internet connections?

Thanx, Adrian Blockus

_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:24 CEST