[Openswan Users] Tricky routing question

Ralf Guenthner gue at alphatel.de
Mon Sep 6 12:44:35 CEST 2004

Hi list

I'm faced with the following situation:

Roadwarriors  <->  GwA  <-> GwB ---NetB

In words: A group of roadwarriors using SSH Sentinel connects to a 
gateway, using x.509 certificates and with a remote network setting for 
NetA (which is directly connected to GwA). GwA is running a DHCP server 
and we assign private IPs to the RWs via DHCP-over-IPSEC as described in 
papers by Andreas Steffen and others.

GwA also has a site-2-site-VPN with GwB, so that NetA can reach NetB and 
vice versa. Now the roadwarriors want to be able to access servers in 
NetB also. Is there a way to do this except having the RW connect to GwB 
directly? I've looked at various docs but no scenario I've found seems 
to quite fit our requirements. Subnets is not the solution, since NetA 
and NetB are totally different (one is private, one is public IP space).

Any help highly appreciated
Ralf G.

More information about the Users mailing list