<html><head><meta name="Generator" content="PSI HTML/CSS Generator"/>
<style type="text/css"><!--
body{font-family:'Tahoma';font-size:10pt;font-color:'#000000';}
LI{display:list-item;margin:0.00in;}
p{display:block;margin:0.00in;}
body{}
--></style>
</head><BODY BGCOLOR="#F0F0F0" ><div><SPAN style="font-size:10pt;">On Tue, 20 Sep 2005 11:57:03 -0300, Carlos Arnt wrote:<br /></SPAN><SPAN style="font-size:10pt;color:navy;">> On Mon, 19 Sep 2005 19:41:36 +0200 (CEST), Paul Wouters wrote:</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:maroon;">>> On Mon, 19 Sep 2005, Carlos Arnt wrote:</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:maroon;">>></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>> How make route in openswan ??</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>> I will explain my network problem</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>> I have 3 networks</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>> A - 192.168.1.x</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>> B- 192.168.2.x</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>> C- 192.168.3.x</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>> Using ipsec i have Network A and Network B connected.</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>> That´s great, both see each other very well.</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>> But now in Network A i have a router connected to it using the</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>> IP</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>> 192.168.1.254 From network A i can see Network C and from C</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>> see</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>> A. Great .. How make Network B see Network C ??? I insert a</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>> route in Network A route add -net 192.168.3.0 gw 192.168.1.254</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:purple;">>>></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:maroon;">>></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:maroon;">>> You can't throw arbitrary traffic through a tunnel. You will need</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:maroon;">>> to setup proper IPsec tunnels for all subnets involved.</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:maroon;">>></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:maroon;">>> If 192.168.3.0 is behind 192.168.1.254, then you need to add a</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:maroon;">>> second tunnel from A to B for the traffic with source 192.168.3.0.</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:maroon;">>> Just copy the connection information, rename the connection and</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:maroon;">>> change the one subnet= option.</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:maroon;">>></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:maroon;">>> Paul </SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:maroon;">>></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> Thats great Paul,</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> But just a question ..</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> Here is my connection from Point B</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> conn hqBarraIpanema-satBarraIpanema</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> left=200.xxx.xxx.200</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> leftnexthop=200.xxx.xxx.1</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> leftsubnet=192.168.2.20/255.255.255.0</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> right=201.xxx.xxx.4</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> rightnexthop=201.xxx.xxx.1</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> rightsubnet=192.168.1.1/255.255.255.0</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> conn hqgateBarraIpanema-satnetBarraIpanema</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> left=200.xxx.xxx.200</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> leftnexthop=200.xxx.xxx.1</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> right=201.xxx.xxx.4</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> rightnexthop=201.xxx.xxx.1</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> rightsubnet=192.168.1.1/255.255.255.0</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> conn hqnetBarraIpanema-satgateBarraIpanema</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> left=200.xxx.xxx.200</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> leftnexthop=200.xxx.xxx.1</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> leftsubnet=192.168.2.20/255.255.255.0</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> right=201.xxx.xxx.4</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> rightnexthop=201.xxx.xxx.1</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> conn hqgateBarraIpanema-satgateBarraIpanema</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> left=200.xxx.xxx.200</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> leftnexthop=200.xxx.xxx.1</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> right=201.xxx.xxx.4</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> rightnexthop=201.xxx.xxx.1</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> Here goes from Point A</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> conn hqipanemabarra-satipanemabarra</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> left=201.xxx.xxx.4</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> leftnexthop=201.xxx.xxx.1</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> leftsubnet=192.168.1.1/255.255.255.0</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> right=200.xxx.xxx.200</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> rightnexthop=200.xxx.xxx.1</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> rightsubnet=192.168.2.20/255.255.255.0</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> conn hqgateipanemabarra-satnetipanemabarra</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> left=201.xxx.xxx.4</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> leftnexthop=201.xxx.xxx.1</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> right=200.xxx.xxx.200</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> rightnexthop=200.xxx.xxx.1</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> rightsubnet=192.168.2.20/255.255.255.0</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> conn hqnetipanemabarra-satgateipanemabarra</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> left=201.xxx.xxx.4</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> leftnexthop=201.xxx.xxx.1</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> leftsubnet=192.168.1.1/255.255.255.0</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> right=200.xxx.xxx.200</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> rightnexthop=200.xxx.xxx.1</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> conn hqgateipanemabarra-satgateipanemabarra</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> left=201.xxx.xxx.4</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> leftnexthop=201.xxx.xxx.1</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> right=200.xxx.xxx.200</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> rightnexthop=200.xxx.xxx.1</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> So I´m a newbie here, i send both conf from my stations.</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> I have point C that is a Cisco-Router (No IPSEC) connected in my</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> switch with IP : 192.168.1.254</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> How make the conf ? Then my Point B see Point C ??</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> Thanks alot for helping out !</SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">></SPAN><SPAN style="font-size:10pt;"><br /></SPAN><SPAN style="font-size:10pt;color:navy;">> Carlos</SPAN><SPAN style="font-size:10pt;"><br /><br /><br />Carlos Arnt</SPAN></div>
<div> </div>
</body></html>