Openswan: Works, but...
Roger Grosswiler
roger at gwch.net
Sat Feb 7 14:05:14 UTC 2009
Am Samstag 07 Februar 2009 01:24:53 schrieb Mikkel L. Ellertson:
> Roger Grosswiler wrote:
> >> Dumb question - are you monitoring just the traffic across the
> >> "host-to-host" link, or are you also getting the local network traffic?
> >>
> >> Mikkel
> >> --
> >
> > Hi Mikkel,
> >
> > i do on the client-machine a "tcpdump -i eth1" - which is the only
> > connected card (wireless). This shows, that connecting to my
> > ipsec-enabled server only, traffic is in ESP, but surfing around doesn't.
> > Default Gateway is the
>
> ipsed-enabled server.
>
> > Roger
>
> This is definitely strange. I am going to have to think about this
> some more. It does not make sense...
>
> Mikkel
...and just to say, if i give firefox the ip-adress of the proxy, it works
purely encrypted...
route from client:
192.168.3.0 0.0.0.0 255.255.255.0 U 2 0 0 eth1
192.168.122.0 0.0.0.0 255.255.255.0 U 0 0 0 virbr0
0.0.0.0 192.168.3.100 0.0.0.0 UG 0 0 0 eth1
192.168.3.100 is the ipsec-server.
Thanks,
Roger
More information about the fedora-list
mailing list