<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=EN-US link=blue vlink=purple><div class=WordSection1><p class=MsoNormal>Does anyone have any documentation on setting up a ‘hub and spoke’ configuration using Openswan?<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>I have a scenario where I am connecting both Azure and AWS to a single Openswan instance using each prospective provider’s VPN gateway. The tunnels come up and everything is fine with one exception. Resources deployed in Azure cannot communicate with resources deployed in Aws, and vice versa. Both can communicate with the Openswan instance, however. The route tables are correctly setup in AWS and Azure so I am convinced its my configuration.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>I have two connection entries in the ipsec.conf<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>(Spoke1) Azure = 172.16.0.0/23<o:p></o:p></p><p class=MsoNormal>(Spoke2) AWS = 10.10.10.0/23<o:p></o:p></p><p class=MsoNormal>Hub Network = Openswan = 192.168.1.0/24<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>I am also using netkey for the protocol.<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal>Any help with getting nodes in spoke 1 to communicate with nodes in spoke 2 would be greatly appreciated!<o:p></o:p></p><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal><o:p> </o:p></p></div></body></html>