From: David Monk (david_at_purplebear.net)
Date: Thu Aug 01 2002 - 15:16:06 CEST
> > >From the reading and searching I have done, I appearently have a fairly
> > unique setup. I am using Freeswan connecting from home to my corporate
LAN,
> > to a Cisco 3660. Normal host to LAN tunnel works perfectly so far. I
want to
> > expand my setup to allow more than one system at my home to come across
the
> > tunnel. All my systems, including the one creating the tunnel are behind
a
> > NAT firewall.
> > Here's the setup, basically:
> >
> > corp wan ----- internet ------- NAT router -- gateway system
> >
> > My ipsec.conf in normal configuration for the one client works fine,
with:
> >
> > conn corp
> > type=tunnel
> > left=%defaultroute
> > right=xxx.xxx.xxx.xxx
> > rightsubnet=yyy.yyy.yyy.0/24
> > keyexchange=ike
> > auth=esp
> > authby=secret
> > lifetime=8h
> > keylife=1h
> > pfs=no
> > spi=0x500
> > esp=3des-md5-96
> > auto=start
> >
>
> You need to create two tunnels in this instance; one with just the "right"
> parameter, and the second with "right" and "rightsubnet". You should be
able
> to communicate with both the gateway and the subnet behind it.
>
> See doc/adv_config.html#multitunnel for more information.
>
Thank you for the help. In my case, I need one with leftsubnet and one
without. It works flawlessly now.
David
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.4 : Mon Aug 05 2002 - 21:01:35 CEST