Howdy,
I've been setting up a VPN. One of my clients has a Charter Pipeline
internet connection at home, and wants to communicate with the LEAF box
at his work via FreeS/WAN. I got him a D-Link firewall box to stick
between his cable modem and his computer as an added layer of security.
Then I had him do a traceroute to www.yahoo.com so I could get his
"nexthop" information to configure /etc/ipsec.conf. From this file, I
noted:
1 192.168.0.1 {d-link box}
2 10.d.e.f {Charter Pipeline gateway saving IP's!}
3 24.205.g.h {a real IP that can be pinged from the outside world}
4 {and so forth to www.yahoo.com}
So his network looks like:
192.168.0.115 {internal machine address}
|
|
192.168.0.1 {d-link internal address}
10.a.b.c {d-link external address}
|
|
10.d.e.f {Charter cable internal gateway}
24.205.g.h {Charter cable external gateway - pingable from outside}
Charter Pipeline is apparently saving money by using IP masquerading
themselves. This leaves me with a problem defining "right /
rightnexthop / rightsubnet" in /etc/ipsec.conf. Any ideas?
Thanks,
Jon
-------------------------------------------------------
Sponsored by:
ThinkGeek at http://www.ThinkGeek.com/
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
