[Openswan Users]

tomk at runbox.com
Tue Oct 12 14:29:34 CEST 2004


> On Mon, 2004-10-11 at 11:55, tomk at runbox.com wrote:
> > For anyone in a rush, here's the question: If I set up a host-to-net
> > VPN between Host A on Network A and all machines on Network B, does it
> > only carry traffic with those particular source and destination
> > parameters? Or can it also carry traffic originating from Host A and
> > going to destinations beyond Network B?
> > <snip>
> > Was my original expectation incorrect? If so, is there something I can
> > do to enable all traffic from the laptop to use the tunnel?
> <snip>
> Yes, the tunnel will only carry what you tell it to carry.  If you've
> only told it to carry traffic for 192.168.10.0/24, that's all it will
> do.  If you want all traffic to flow through the tunnel, you could make
> the target subnet 0.0.0.0/0.0.0.0 rather than 192.168.10.0/24.  I
> believe that's how we did our GNOC setup as described in the training
> slides on http://iscs.sourceforge.net.  Hope this helps - John
> -- 
> John A. Sullivan III
> Chief Technology Officer
> Nexus Management
> +1 207-985-7880
> john.sullivan at nexusmgmt.com
> ---
> If you are interested in helping to develop a GPL enterprise class
> VPN/Firewall/Security device management console, please visit
> http://iscs.sourceforge.net 
> 
Cheers John. I set up a second tunnel going to 0.0.0.0/0.0.0.0, and it's working perfectly - accessing my internal 192.168.10.0 network, and everything else.
Love this list!
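
The two tunnel definitions discussed in this thread, sketched as an ipsec.conf fragment. This is an added example, not configuration posted by either participant: the conn names and the gateway address 203.0.113.1 are placeholders, and authentication settings are left out because the thread does not show them.

```conf
# /etc/ipsec.conf fragment on the laptop (Host A). Constructed example.
# Only 192.168.10.0/24 and 0.0.0.0/0 come from the thread; the conn names
# and the gateway address 203.0.113.1 are placeholders.

# Narrow selector: only traffic between the laptop and 192.168.10.0/24
# matches this tunnel. Traffic to any other destination leaves the laptop
# outside the tunnel, unencrypted, by its normal route.
conn laptop-to-netb
    left=%defaultroute
    # no leftsubnet: the local end of the selector is the laptop itself
    right=203.0.113.1
    rightsubnet=192.168.10.0/24
    auto=add

# Wide selector: every destination matches, so all traffic from the
# laptop is sent through the tunnel to the gateway.
conn laptop-to-any
    left=%defaultroute
    right=203.0.113.1
    rightsubnet=0.0.0.0/0
    auto=add
```

With the wide selector, the gateway at the far end has to forward (and, for Internet destinations, usually NAT) the laptop's traffic, and its firewall policy then applies to everything the laptop sends.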

