[Swan] Host to subnet setup ?
Glenn Pierce
glennpierce at gmail.com
Thu Mar 31 15:24:13 UTC 2016
Hi
I am new to libreswan and I am having a little trouble with the config.
Basically I want to access a private network 10.0.128.0/22 from a
public server, i.e.
host to subnet, but I can find examples for that setup.
The public server is a standard Linux server (CentOS 7). The private
network will have a MikroTik router as the VPN gateway.
Before setting up for real I am testing at my house, so I have the
added complication of being stuck behind my ISP router.
I have placed the MikroTik router (first gateway) in a DMZ and
configured my home ISP router to forward all traffic to the
MikroTik gateway.
The following image shows this setup better:
http://89.200.143.48:8000/f/511e58a0c0/
I have started with a site-to-site config and have something like this:

conn tunnel
    left=81.175.246.157 # External ISP-assigned address
    right=89.200.138.2 # Public server IP
    authby=secret
    # load and initiate automatically
    auto=start

conn private
    also=tunnel
    leftsubnet=10.0.128.0/22 # Private network side of MikroTik router
    rightsubnet=192.168.1.222/32 # "Public" side of MikroTik router

conn server
    also=tunnel

So 192.168.1.222 is the external IP of the MikroTik router (assigned
by my ISP router).
I just get lots of "STATE_MAIN_I3: retransmission; will wait 500ms for
response" etc.
when bringing up the connection.
I'm sure I should have more in the conn server section as well.
Any advice would be great thanks.