The question is related to this one
Our office has the SonicWall TZ 170 hardware firewall/VPN server.
My home machine is Debian GNU/Linux v7. I use the OpenSWAN package to connect to the VPN.
The problem is as follows:
I have to switch the VPN policy "Allow connection to" on the VPN server to "All Secured Gateways" in order to get my Linux box connected. But that's not good, because all other Windows-based VPN clients claim they have access only to the office network; the internet connection is forbidden for them during their VPN session ("Allow connection to" should be "Split Tunnels" to let them access the internet during a VPN session).
If I connect when "Split Tunnels" is set, then no error is given, but no office node is reachable.
I also tried checking "Set Default Route as this Gateway" and specifying the address in "Default LAN Gateway" (on the advanced tab of the TZ170's VPN policy page) to at least get internet access via the VPN tunnel, but in this case I cannot connect at all.
Attached are the screenshot of the VPN policy editor, the ipsec.conf file, the log that I see on a successful connection, and the log with "Split Tunnels" (no differences though).
This is how I establish the connection:
ipsec setup --start
ipsec whack --listen
ipsec whack --name sonicwall --initiate
This is a help page for the server's VPN policy: