[Swan] no work - Subnet extrusion - in CentOS 6.8
Sergey Mihailov
sergey.mihailov at gmail.com
Mon Jul 25 09:33:04 UTC 2016
2016-07-25 10:58 GMT+03:00 Paul Wouters <paul at nohats.ca>:
Do not use XXXsourceip= when using XXXsubnetS= because the sourceip can only
> refer to one submit.
>
> Why are you not using 192.168.128/23 insteaf of 192.168.129.0/24 +
> 192.168.128.0/24 ?
Ok. Thanks.
> The passthrough goes on your branch office. In this case left= is the
> branch and right is the world. So left should be a local ip on your
> branch IPsec gateway. You could probably use left=%defaultroute.
>
left=%defaultroute ?
my route table from office. ( no main )
---
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
192.168.121.16 * 255.255.255.252 U 0 0 0
eth0.286
192.168.129.0 * 255.255.255.0 U 0 0 0
br129
192.168.128.0 * 255.255.255.0 U 0 0 0
br128
link-local * 255.255.0.0 U 1004 0 0
br128
link-local * 255.255.0.0 U 1006 0 0
br129
link-local * 255.255.0.0 U 1007 0 0
eth0.286
default 192.168.121.18 0.0.0.0 UG 0 0 0
eth0.286
---
Thanks.
P.S. Sorry my, i send wrong table route in private mail.
--
mx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20160725/9b7ad784/attachment.html>
More information about the Swan
mailing list