[Openswan Users] routing between tunnels
Paul Wouters
paul at xelerance.com
Thu Nov 18 17:48:16 CET 2004
On Thu, 18 Nov 2004, Joost Kraaijeveld wrote:
> Ah, I was not clear enough: there is a whole internet between the vigors and the VPN server.
Ahhh
> OK. But how do I convince the Vigor routers to send all traffic for the 172.31 and 172.28/29 throught the tunnel? Mmmm. Maybe I should create two tunnels to the VPN server, 1 for each network. Will the OpenSwan VPN server do the appropriate routing (so that I get a star topology and not a mesh topology)?
It will work if you are using KLIPS and not the native 2.6 stack. If you use the latter, you need to create some passthrough routes. Dig
through the archive to find Herbert's post on that (or perhaps someone added it to the wiki)
> Additional question: can I somehow see all incomming and outgoing IPSEC traffic on a Linux 2.6 kernel (something like "tcpdump -i eth2 | grep pattern")?
No :)
Paul
More information about the Users
mailing list