[Openswan Users] Initial setup, iproute or mutliple tunnels....
Marc H. Thoben
chojin at gmx.net
Mon Oct 11 19:59:12 CEST 2004
Hi Scott,
On 11th of October 2004 at 4:07:42, Scott MacKay wrote:
>
> So I guess as a first question, how would one perform
> the routing using only 1 tunnel and iproute2? I do
> have that installed and it seems like it would be more
> useful than multiple tunnels.
I think you should better upgrade to a more recent version openswan,
making it much easier to use the ip command. But in theory you need
to change the line setting up the route in _updown to use
ip route add <other-side-vpn-subnet> via <default-gw> src <vpn-ip>
on both tunnel ends (eyes on "src <vpn-ip>").
Of course you can also replace the route after the tunnel is set up
by hand, to make sure it works, before editing _updown.
I'm running openswan 2.2.0, which gives the possibility to specify
it like this:
chojin at amoebia:~> cat /etc/sysconfig/defaultsource
DEFAULTSOURCE=192.168.1.1
Or browse the ML; I think, a new connection parameter called
"left/rightsrcip" has been implemented recently.
--
Best regards,
Marc
More information about the Users
mailing list