[Openswan Users] routing between tunnels

Paul Wouters paul at xelerance.com
Thu Nov 18 17:21:25 CET 2004


On Thu, 18 Nov 2004, Joost Kraaijeveld wrote:

> I have a VPN server (OpenSwan) that is the endpoint of two tunnels with PSK (see below)
>
>                           + ---- vigor --- 172.29.0.0
> 172.31.0.0 --- VPN server--|
>                           + ---- vigor --- 172.28.0.0
>
> The tunnels work OK and I can ping from the 17.31.0.0 network to both other networks. But I also want to be able to ping from the 172.29.0.0 network to the 172.28.0.0 network.

These seem locally connected, so this experiment might not be representative of what
you are trying to do. Perhaps you need to test using another box:

                -----vigor 1 
--VPN1---router+
                ---- vigor2

> What should be the route I have to add to the Vigor routers / VPN server to make it work?

With ipsec, you never 'add routes' manually. It conflicts with IPsec policies. VPN tunnels
are not virtual ethernet cards.

Paul

