OpenSwan ipsec - conf,check -I need help

Hi ,
i want to create Lan IPsec connection between two hosts, like this

|HOST A|------IPsec----|HOST B|
_____________ ____________/
\ /
LAN

Host A ip : 192.168.17.200 (SuseLinuxEnt + OpenSwan)
Host B ip : 192.168.17.201 (SuseLinuxEnt + OpenSwan)
mask : 255.255.255.0

How to configure OpenSwan to work in LAN ? (ipsec.conf,ipsec.secrets)
How to initialize connection(The New Tunnel) ?
How to check encryption of connection ? Does Connection realy work ? How to test The New Tunnel ?

Below is what my “ipsec verify” return

Checking your system to see if IPsec got installed and started correctly
Version check and ipsec on-path [OK]
Linux Openswan U2.2.0/K2.6.8-1.521 (native)
Checking for IPsec support in kernel [OK]
Checking for RSA private key (/etc/ipsec.secrets) [OK]
Checking that pluto is running [OK]
Two or more interfaces found, checking IP forwarding [OK]
Checking NAT and MASQUERADEing [N/A]<----what’s mean N/A
Checking for ‘ip’ command [OK]
Checking for ‘iptables’ command [OK]
Checking for ‘setkey’ command for native IPsec stack support [OK]

How to change “Checking NAT and MASQUERADEing [N/A]” to “[OK]” ?

N/A is abbreviation for Not Applicable, i.e. doesn’t need to be checked.

Sorry I don’t know about the rest.

Could it be that your setup is actually more complicated:

LANA -> HOSTA -> ROUTER w/ NAT

-> [INTERNET]

-> ROUTER w/ NAT -> HOST B -> LANB

I have solved this setup. It was quite straight forward, but I have two NIC in my HOSTA, one is part of the VPN network and one is part of the LAN. In this setup, adding the parameter “leftsourceip” did the job for openswan. But I am running Version 2.6.x of openswan not the suse version (2.4.7)