Hi,
Host A is a server with a 5.5.5.0/24 public subnet, host B is a
roadwarrior (dynamic IP, NAT).
I want to give a public IP to the roadwarrior (let's say 5.5.5.100).
The roadwarrior's internal IP is in the 192.168.20.0/24 range (let's say
192.168.20.150).

Server (A) ipsec.conf:

nat_traversal=yes

conn server-roadwarrior
    authby=rsasig
    left=5.5.5.1
    leftsubnet=0.0.0.0/0
    leftrsasigkey=...
    right=%any
    rightsubnet=5.5.5.100/32
    rightid=@laptop
    rightrsasigkey=...
    type=tunnel
    auto=add

Roadwarrior (B) ipsec.conf:

nat_traversal=yes

conn roadwarrior-server
    authby=rsasig
    left=%defaultroute
    leftsubnet=5.5.5.100/32
    #leftsourceip=5.5.5.100
    leftid=@laptop
    leftrsasigkey=...
    right=5.5.5.1
    rightsubnet=0.0.0.0/0
    rightrsasigkey=...
    type=tunnel
    auto=start

I can ping 5.5.5.100 from server A but the roadwarrior can't reach
server A. I can surf the web but it doesn't tunnel the traffic at all
(IP isn't 5.5.5.100). I tried adding leftsourceip=5.5.5.100 on the
roadwarrior but then I can't even reach server A to establish the VPN
connection that way!

Niccolò