From: David Monk (david_at_purplebear.net)
Date: Wed Jul 31 2002 - 22:40:38 CEST
From the reading and searching I have done, I apparently have a fairly
unique setup. I am using Freeswan connecting from home to my corporate LAN,
to a Cisco 3660. Normal host to LAN tunnel works perfectly so far. I want to
expand my setup to allow more than one system at my home to come across the
tunnel. All my systems, including the one creating the tunnel are behind a
NAT firewall.
Here's the setup, basically:
corp wan ----- internet ------- NAT router -- gateway system
My ipsec.conf in normal configuration for the one client works fine, with:
conn corp
    type=tunnel
    left=%defaultroute
    right=xxx.xxx.xxx.xxx
    rightsubnet=yyy.yyy.yyy.0/24
    keyexchange=ike
    auth=esp
    authby=secret
    lifetime=8h
    keylife=1h
    pfs=no
    spi=0x500
    esp=3des-md5-96
    auto=start
I tried just adding, leftsubnet=zzz.zzz.zzz.0/24 to the above to get my home
net routing through the gateway system. ip forwarding is enabled. When I do
this, the subnet can route back and forth, but the gateway system cannot.
With the leftsubnet directive removed, and nothing else changed, the gateway
system can route back and forth fine.
Any help in making this work would be greatly appreciated.
---
David Monk CCNA, MCSE
david_at_purplebear.net
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
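
A FreeS/WAN conn protects only the selector pair it names, so a conn with leftsubnet= carries the home subnet's traffic but not traffic that originates on the gateway system itself; the usual arrangement is one conn per selector pair. The fragment below is an added example, not part of the original post, showing that arrangement with the post's own masked addresses. The conn names corp-gw and corp-net are made up for illustration.

```conf
# Added example, not from the original post.
# xxx/yyy/zzz are the post's masked addresses; conn names are hypothetical.
# Only the conn sections are shown; "config setup" stays as it is.

# Settings shared by both tunnels, copied from the post's "conn corp".
# spi= is left out: it is a manual-keying parameter and both conns
# below are keyed by IKE.
conn %default
    type=tunnel
    left=%defaultroute
    right=xxx.xxx.xxx.xxx
    rightsubnet=yyy.yyy.yyy.0/24
    keyexchange=ike
    auth=esp
    authby=secret
    lifetime=8h
    keylife=1h
    pfs=no
    esp=3des-md5-96

# Tunnel 1: the gateway system itself <-> corporate subnet.
# No leftsubnet, exactly like the working single-client setup.
conn corp-gw
    auto=start

# Tunnel 2: home subnet behind the gateway <-> corporate subnet.
conn corp-net
    leftsubnet=zzz.zzz.zzz.0/24
    auto=start
```

The remote peer has to accept both selector pairs (the gateway's own address and zzz.zzz.zzz.0/24, each to yyy.yyy.yyy.0/24), otherwise the second negotiation is rejected. Once both are up, `ipsec look` on the gateway should list one eroute per tunnel.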
This archive was generated by hypermail 2.1.4 : Mon Aug 05 2002 - 21:01:35 CEST