From: Stephen J. Bevan (stephen_at_dino.dnsalias.com)
Date: Wed Aug 14 2002 - 08:11:29 CEST
Ogden Nefix writes:
> This is the basic setup I wish to run a VPN over:
>
> -------------- -------- -------------- ----------
> | my home |==>| ISP | ==========> | Work Cisco |====>|Internal| ...
> | debian box | | Gwy.| INTERNET | Router | | Gateway|
> -------------- ------- -------------- ----------
>
> (Internal Gateway goes to other 192.168.1....)
>
> my home debian box = 1.1.1.56
> my ISP's Gateway = 1.1.1.1
>
> Work Cisco Router = 2.2.2.1
> Work Internal Gateway (with FreeS/Wan) = 2.2.2.2 and 192.168.1.1
> Internal LAN = 192.168.1.x
>
> So, in /etc/ipsec.conf I set up as:
>
> conn vpn-setup
> leftsubnet=1.1.1.0/24
> left=1.1.1.56 # my home debian box
> leftnexthop=1.1.1.1 # my isp gateway
>
> right=192.168.1.1 # internal gateway
> righsubnet=192.168.1.0/24
> rightnexthop=2.2.2.1 # cisco router
>
> Is this correct? Do I have the right IP's in their right places?
If that is the config for your internal gateway then I would have put
left&right the other way around. Either way, right=192.168.1.1 is not
going to work since your ISP gw is not going to know to route it to
your Cisco box. You should use :-
right=2.2.2.2
> Also, how do I test it? I have FreeS/Wan working on the internal gateway
> at work (which has IPChains running). Do I have to have FreeS/Wan
> installed on the my Debian box also?
Yes.
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.4 : Wed Aug 14 2002 - 10:19:43 CEST