[Openswan dev]

Maya Zimerman Maya.Zimerman at expand.com
Wed Nov 30 09:58:19 CET 2005


Hi Michael,
Thanks for your reply.
Actually my problem with the routes was from the tunnel device to my
device.
My flow is as follows:

->bridge->ipsec0->myDevice0

Maya

-----Original Message-----
From: Michael Richardson [mailto:mcr at sandelman.ottawa.on.ca] 
Sent: Tuesday, November 29, 2005 5:35 PM
To: Maya Zimerman
Cc: dev at openswan.org
Subject: Re: [Openswan dev] 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


You need to write your routes such that traffic that you wish to place
in the tunnel gets routed to the tunnel device.

You may need to modify the interfaces= line to run IPsec on top of the
bridge device, or you may need to modify the _updown script to place
the appropriate routes into your modified routing system.

(or dispense with the routes that _updown creates entirely, and
configure them yourself statically)

You might do better with a diagram. Many bridged systems have no
problems at all.

- -- 
]       ON HUMILITY: to err is human. To moo, bovine.           |
firewalls  [
]   Michael Richardson,    Xelerance Corporation, Ottawa, ON    |net
architect[
] mcr at xelerance.com      http://www.sandelman.ottawa.on.ca/mcr/ |device
driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security
guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Finger me for keys

iQEVAwUBQ4x1N4CLcPvd0N1lAQLfVAf7BXyeKnFRZlcqaFGN6rHRw90kV7GaZ0As
L9+IPaXGaRZrxoK3ZvoAjhst1W3p6ZDwsDShJnl/cP3VZBB8HUs6bLQPpRAoSb5L
GaGEMCLe1K3R13I96Z9tsIM9kV0WfhOeFlPb6BO6rlAVabUKJ4imZUropi9WwNXc
/jfWT08+0GINfwNGHYzhIkuzSjsLIIJNwQk1YZ7v2DjjoFGOGQU6Wy9cFLFKAHoG
yDFnk0GoNM+F73ZMJznqvu0s6CsIK/fcftrlPzi1RALShokc9wVn2JzLnJ8a7lbV
2vnzeScIqbAGfw4A4g9kH5Sy308k81wA6jnLbQdt1dp0YCvRhrbOfg==
=9FT9
-----END PGP SIGNATURE-----

 
 
************************************************************************
************
This footnote confirms that this email message has been scanned by
PineApp Mail-SeCure for the presence of malicious code, vandals &
computer viruses.
************************************************************************
************



More information about the Dev mailing list