From: Takuhiro Nishioka (takuhiro_at_dcrew.jp)
Date: Sat Dec 28 2002 - 22:22:55 CET
Hi,
I'm trying to use virtual IP address with FreeS/WAN <-> FreeS/WAN NAT-T
connection.
10.0.0.5 (SG1) -- 10.0.0.1 a.b.c.1 (NAPT) -- Internet--+
|
192.168.0.1 a.b.c.2 (SG2) -----------------------------+
SG1 and SG2 are super-freeswan-1.99_kb3rc6.tar.gz
IPsec SA is successfully established. But, I couldn't access to SG2. I
guess I should do IP alias and some routing settings. But I don't know how.
Any available hints will be greately appreciated.
SG1 configuration:
config setup
interfaces="ipsec0=eth0"
klipsdebug=none
plutodebug=none
plutoload=%search
plutostart=%search
plutowait=no
uniqueids=yes
nat_traversal=yes
conn %default
authby=secret
left=10.0.0.5
leftsubnet=192.168.100.2/32
leftnexthop=10.0.0.1
conn nat-traversal
right=a.b.c.2
rightsubnet=192.168.0.0/24
auto=start
SG2 configuration:
config setup
interfaces="ipsec0=eth0"
klipsdebug=none
plutodebug=none
plutoload=%search
plutostart=%search
plutowait=no
uniqueids=yes
nat_traversal=yes
virtual_private=%v4:192.168.100.0/255.255.255.0
conn %default
keyexchange=ike
keyingtries=10
disablearrivalcheck=no
authby=secret
left=a.b.c.2
leftsubnet=192.168.0.0/255.255.255.0
keylife=20m
rekeymargin=5m
ikelifetime=3h
auto=add
conn nat-traversal
right=%any
rightsubnet=vnet:%priv