[Swan] cannot get traffic to lan when using xauth and pool address is on lan segment
Paul Wouters
paul at nohats.ca
Mon Apr 17 14:46:51 UTC 2017
On Mon, 17 Apr 2017, Antonio Silva wrote:
> Correcting if i'm wrong, but digging a litle more, there won't be any mac
> associated with the ip/vpn client, so there is no arp entry in the server,
> even with proxy-arp enabled the lan devices will never be able to reach the
> vpn client.. because not arp will be found in the server. So i always have to
> set a different network, like in the 2) setup, no?
proxy arp fixes that. The linux/libreswan serer will use its own MAC for
all IP addresses it handed out to the clients.
Paul
More information about the Swan
mailing list