Openswan /
NetgearFVS338
Last modified: August 11, 2006, at 01:13 PM

Important: make sure to have a look at the generic information on Netgear's VPN routers.

Scenario

Connecting two subnets, 192.168.1.0/24 on the openswan side, 192.168.0.0/24 behind the Netgear VPN router.

Both sides connect to the internet over an ADSL line with dynamic IPs, and both connections register themselves with DynDNS. The host running Openswan is even behind a (stupid) NAT router (but could just as well be connected to the ADSL modem directly...)

The Netgear router uses the DynDNS name fvs338.dyndns.org; the gateway used by the Openswan host uses openswanhost.dyndns.org.


Part 1 - the Openswan configuration

##################### openswan config ##########################
# file: /etc/ipsec.conf
#
# openswan config for connecting openswan <-> netgear fvs338

version 2.0     # conforms to version 2.0 and newer

config setup
    plutodebug="none"

conn fvs338
    type=tunnel
    authby=secret
    keyexchange=ike
    auto=start
    pfs=no
    aggrmode=yes
    ike=3des-sha1-modp1024
    esp=3des-sha1
    # LOCAL
    left=%defaultroute
    leftsubnet=192.168.1.0/24
    leftid=me@localid.org
    # REMOTE
    right=fvs338.dyndns.org
    rightsubnet=192.168.0.0/24
    rightnexthop=%defaultroute   # might be not necessary
    rightid=id@remoteid.org
###############################################################


################# openswan preshared key ######################
# file: /etc/ipsec.secrets
#
# example value only: use a long random secret, identical to the one
# entered on the FVS338
: PSK "1234567890"

###############################################################
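
The following check is an added example, not part of the original page or of Openswan itself: it parses a conn section like the one above and reports the settings that weaken the tunnel (aggressive mode with a PSK, no PFS, 3DES, modp1024). The function names and the embedded sample are constructed for illustration; the reasons given are general IPsec facts rather than statements from this page.

```python
import re

# Constructed input: the security-relevant lines of the conn shown on this page.
SAMPLE_CONF = """\
config setup
    plutodebug="none"
conn fvs338
    authby=secret
    pfs=no
    aggrmode=yes
    ike=3des-sha1-modp1024
    esp=3des-sha1
    rightnexthop=%defaultroute   # might be not necessary
"""

WEAK_TOKENS = {"3des": "64-bit block cipher, legacy",
               "modp1024": "1024-bit DH group 2, below current guidance"}

def parse_conns(text):
    """Return {conn_name: {key: value}} for each 'conn' section."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = re.sub(r"(^|\s)#.*$", "", raw).rstrip()  # strip comments
        if not line:
            continue
        if not line[0].isspace():  # unindented line starts a new section
            words = line.split()
            is_conn = words[0] == "conn" and len(words) == 2
            current = conns.setdefault(words[1], {}) if is_conn else None
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip().strip('"')
    return conns

def audit(params):
    """Return (setting, reason) findings for one conn's parameters."""
    out = []
    if params.get("aggrmode") == "yes" and params.get("authby") == "secret":
        out.append(("aggrmode", "PSK-derived hash is sent unencrypted"))
    if params.get("pfs") == "no":
        out.append(("pfs", "Phase 2 keys come from Phase 1 material, no fresh DH"))
    for key in ("ike", "esp"):
        tokens = re.split(r"[-,\s]+", params.get(key, "").lower())
        out += [(f"{key}:{t}", WEAK_TOKENS[t]) for t in tokens if t in WEAK_TOKENS]
    return out

if __name__ == "__main__":
    for name, params in parse_conns(SAMPLE_CONF).items():
        print(name, audit(params))
```

Any stronger proposal has to be offered by the FVS338 as well, since both ends must agree on the same IKE and ESP parameters.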

Part 2 - setting up the Netgear FVS338

IKE policy setup

VPN policy setup


If you need some hints, feel free to contact me:
ehrenfeu at informatik dot uni-freiburg dot de
