> On 2002-07-23 10:18 +0200 Arne Van Theemsche wrote:
> >
> > this may be weird, but I have something working, while the manual says it
> > should not work.
> >
> > I have 2 linux boxes, each with freeswan, both doing MASQUERADING on the
> > LAN side. I wanted to connect the 2 LAN's to each other through freeswan,
> > I did not use left or rightfirewall, and it works.
> > So what's the use of those 2 options then?
> > One of the 2 freeswan's is even masqueraded itself after a cisco who does
> > static nat to the private IP of the WAN-side of the secure-gateway.
>
> It might *not* be working as you expect - are you 100% sure your gateways
> really talk to each other through the tunnel?
>
> Please post your configuration, otherwise we cannot tell for sure.
>
the gateways do not need to talk securely, the subnet's must, and they do
(checked with tcpdump)
this is the config of the secure gateway being after the cisco (with
static nat) (left)
conn interwheels-waasmunster
leftid=@www.adsl4all.be
left=%defaultroute
leftsubnet=10.1.1.0/24
leftrsasigkey=0sAQON2d1VURN+qx2gBOC4Ao1AuuuFkAmeLuGEy/ZaCM6MJGt6QvaU...
rightid=@waasmunster
right=%any
rightsubnet=10.1.80.0/24
rightrsasigkey=0sAQO8B3I20H4fxQpP2junsnjM5FFcFxNlBACyG5EvMZAlJCY/tA9q9c....
auto=add
this is the other one (right)
conn interwheels-waasmunster
leftid=@www.adsl4all.be
left=x.y.183.11
leftsubnet=10.1.1.0/24
leftnexthop=x.y.183.1
leftrsasigkey=0sAQON2d1VURN+qx2gBOC4Ao1AuuuFkAmeLuGEy/ZaCM6MJGt6QvaU...
rightid=@waasmunster
right=%defaultroute
rightsubnet=10.1.80.0/24
rightrsasigkey=0sAQO8B3I20H4fxQpP2junsnjM5FFcFxNlBACyG5EvMZAlJCY/tA9q9c...
auto=start
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:26 CEST