[Openswan Users] Connection from VPN gateway to machines in same external subnet

Paul Wouters paul at xelerance.com
Fri Jul 2 14:59:33 CEST 2004


On Thu, 1 Jul 2004, Simon Matthews wrote:

> I have noticed that sometimes, the VPN gateway seems to route packets
> destined for machines that are in the same Internet-side subnet (I have 16
> IP addresses in a /28 subnet) as the gateway via the ipsec0 interface.
> There is no vpn connection configured for this.
> 
> Have I done something wrong? Is this normal? Is there a solution? 

This seems to happen when your interface with defaultroute route
vanishes and comes back later. Typically with a ppp interface. You
can tweak the ppp.options file and tell it to replace the defaultroute.
You can also manually fix this in /etc/ppp/ip-up (where you would also,
with klips, would need to attach your virtual interface to your physical
interface). Or you can change the routes in the _updown scripts of openswan.

Paul
-- 

<Reverend> IRC is just multiplayer notepad.




More information about the Users mailing list