conn rw-site2
        left=%defaultroute              # on RW config
                # OR left=0.0.0.0       # on SG config
        leftid=@rw.example.com
        leftrsasigkey=0xfedcba987654321...
        right=10.66.77.88
        rightnexthop=10.66.77.1
        rightsubnet=192.168.0.0/24
        rightid=@gateway.site2.example.com
        rightrsasigkey=0x123456789abcdef...
        auto=start
The network described above looks like this:

    left road warrior machine
      interface %defaultroute      =left
                 |
      interface %defaultroute      =leftnexthop
            router
      interface we don't know
                 |
              INTERNET
                 |
      interface we don't know
            router
      interface 10.66.77.1         =rightnexthop
                 |
      interface 10.66.77.88        =right
    right gateway machine
      interface 192.168.0.something
                 |
      subnet 192.168.0.0/24        =rightsubnet
left: The road warrior's external interface, the one it uses to talk to the gateway. The leftnexthop is inferred. On the road warrior, it is set to %defaultroute; on the gateway, to 0.0.0.0.
auto: For the road warrior, it should be set to auto=start (as in the conn block above), but for the gateway, to auto=add.
The connection can be initiated from the command line on the road warrior with
ipsec auto --up rw-site2