Hi, I have the following network diagram

      PRIVATE IP               RANDOM PUBLIC IP      STATIC IP PUBLIC IP
      172.0.0.0/8              200.25.64/26          [190.10.9.8]                    172.16.20.0/24

[ NOKIA E71 PHONE 1 ]------+
                           +--[ 3G ISP ]------( Internet )------[ VPN-Gateway / FIREWALL ]------[HOSTS]
[ NOKIA E71 PHONE 2 ]------+

The phone gets connected, and my routes show this every time a phone
connects:

Encap:
Source             Port  Destination        Port  Proto  SA(Address/Proto/Type/Direction)
172.27.141.167/32  0     default            0     0      200.25.197.117/esp/use/in
default            0     172.27.141.167/32  0     0      200.25.197.117/esp/require/out
172.28.28.14/32    0     default            0     0      200.25.197.121/esp/use/in
default            0     172.28.28.14/32    0     0      200.25.197.121/esp/require/out
172.28.43.174/32   0     default            0     0      200.25.197.107/esp/use/in
default            0     172.28.43.174/32   0     0      200.25.197.107/esp/require/out
172.31.55.203/32   0     default            0     0      200.25.197.89/esp/use/in
default            0     172.31.55.203/32   0     0      200.25.197.89/esp/require/out
172.31.33.42/32    0     default            0     0      200.25.197.94/esp/use/in
default            0     172.31.33.42/32    0     0      200.25.197.94/esp/require/out
172.31.126.146/32  0     default            0     0      200.25.197.109/esp/use/in
default            0     172.31.126.146/32  0     0      200.25.197.109/esp/require/out


I read this article:

http://www.undeadly.org/cgi?action=article&sid=20090127205841

But my roadwarrior (the phone) is changing GW every time it connects
(random 200.25.64/26). As you can see here, I need a bi-nat for the sad case
that it hits the same IP range, 172.16.20.0/24, some day. Don't blame me for
the IP addressing.

Here is my ipsec.conf

ike passive from any to any \
	main auth hmac-sha1 enc aes group modp1024 \
	quick auth hmac-sha1 enc aes \
	psk x6f1d59e544ffccd5d48cf8f9199cd7af4005535


Any help will be greatly appreciated.

Greetings


--
Sincerely

Andris Genovez Tobar / Systems
Elastix ECE - Linux  LPI-1 - Novell CLA - Apple ACMT
http://www.cspmsa.com
ageno...@cspmsa.com

Jabber:      bitfr...@asgard.crice.org
Community: http://www.crice.org
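
An added example, not part of the original post: a Python check that parses the Encap flow listing in the layout shown above (wrapped or unwrapped) and flags any roadwarrior whose inner address falls inside the 172.16.20.0/24 LAN, the collision case the post is worried about. The function names, the default LAN argument and the second sample pair are assumptions of this example.

```python
import ipaddress
import re

# One flow row: source, port, destination, port, proto, then the SA column
# "peer/proto/level/direction". \s+ also spans the line wrap seen in the post.
FLOW = re.compile(
    r"(\S+)\s+(\d+)\s+(\S+)\s+(\d+)\s+(\d+)\s+(\S+?)/(\w+)/(\w+)/(in|out)\b"
)

# Constructed sample in the post's layout: first pair copied from the post,
# second pair (wrapped, peer 200.25.197.99, inner 172.16.20.5) is made up.
SAMPLE = """\
Encap:
Source             Port  Destination        Port  Proto  SA(Address/Proto/Type/Direction)
172.27.141.167/32  0     default            0     0      200.25.197.117/esp/use/in
default            0     172.27.141.167/32  0     0      200.25.197.117/esp/require/out
172.16.20.5/32     0     default            0     0
200.25.197.99/esp/use/in
default            0     172.16.20.5/32     0     0
200.25.197.99/esp/require/out
"""


def parse_flows(text):
    """Return one dict per flow; 'inner' is the roadwarrior's tunnel address."""
    flows = []
    for src, _, dst, _, _, peer, _, level, direction in FLOW.findall(text):
        inner = src if direction == "in" else dst
        if inner == "default":
            continue  # not a per-host flow
        flows.append({"peer": ipaddress.ip_address(peer),
                      "inner": ipaddress.ip_network(inner),
                      "level": level, "dir": direction})
    return flows


def audit(text, lan="172.16.20.0/24"):
    """Per peer: does its inner address overlap the LAN, are both flows present?"""
    lan_net = ipaddress.ip_network(lan)
    peers = {}
    for f in parse_flows(text):
        entry = peers.setdefault(f["peer"], {"inner": f["inner"], "dirs": set()})
        entry["dirs"].add(f["dir"])
    return [{"peer": str(p), "inner": str(i["inner"]),
             "collides_with_lan": i["inner"].overlaps(lan_net),
             "both_directions": i["dirs"] == {"in", "out"}}
            for p, i in sorted(peers.items(), key=lambda kv: kv[0])]


if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(row)
```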
