I agree with you, but what if I do not have control over configuration of the network that my road-warrior connects from? For example, the road-warrior connects through GPRS, in which case he's assigned a private ip address.
Anyhow, the netmask of the subnet behind the FreeSWAN is fixed. So.. > Change the network numbers, or add network masks. > > eg: if the local network has addresses in the range > 192.168.1.1-100 and the remote has 192.168.1.130-250, then > you can set the routes to something like > > network 192.168.1.0 netmask 255.255.255.128 -> LAN (eg: eth0 > for Linux) > network 192.168.1.128 netmask 255.255.255.128 -> Remote (eg: ppp0) > > > I think the *normal* way in this situations would be that > the RAS client to > > be able to access the remote subnet and not the one he is > into, as long as > > the VPN connection is active. > > That's only a side effect of having the routing table > clobbered by the VPN. > > > Is this one of the reasons 3rd party VPN Clients are available? > > No - what's happening for you is purely a side effect of > having private networks on the same private range. Pick a > different range (eg: 192.168.2.0) for one of the networks. >
