[Openswan dev]

Michael Richardson mcr at sandelman.ottawa.on.ca
Tue Nov 29 10:35:20 CET 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


You need to write your routes such that traffic that you wish to place
in the tunnel gets routed to the tunnel device.

You may need to modify the interfaces= line to run IPsec on top of the
bridge device, or you may need to modify the _updown script to place
the appropriate routes into your modified routing system.

(or dispense with the routes that _updown creates entirely, and
configure them yourself statically)

You might do better with a diagram. Many bridged systems have no
problems at all.

- -- 
]       ON HUMILITY: to err is human. To moo, bovine.           |  firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net architect[
] mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Finger me for keys

iQEVAwUBQ4x1N4CLcPvd0N1lAQLfVAf7BXyeKnFRZlcqaFGN6rHRw90kV7GaZ0As
L9+IPaXGaRZrxoK3ZvoAjhst1W3p6ZDwsDShJnl/cP3VZBB8HUs6bLQPpRAoSb5L
GaGEMCLe1K3R13I96Z9tsIM9kV0WfhOeFlPb6BO6rlAVabUKJ4imZUropi9WwNXc
/jfWT08+0GINfwNGHYzhIkuzSjsLIIJNwQk1YZ7v2DjjoFGOGQU6Wy9cFLFKAHoG
yDFnk0GoNM+F73ZMJznqvu0s6CsIK/fcftrlPzi1RALShokc9wVn2JzLnJ8a7lbV
2vnzeScIqbAGfw4A4g9kH5Sy308k81wA6jnLbQdt1dp0YCvRhrbOfg==
=9FT9
-----END PGP SIGNATURE-----


More information about the Dev mailing list