[Openswan Users] how can i exclude multiple subnets from one side
Ted Kaczmarek
tedkaz at optonline.net
Sun Sep 19 08:37:33 CEST 2004
On Sun, 2004-09-19 at 07:18, Herbert Xu wrote:
> On Sun, Sep 19, 2004 at 06:47:08AM -0400, Ted Kaczmarek wrote:
> >
> > You have an example of how to do that?
> > Say their is a policy
> > for 192.168.0.0/23
> > How would you specify that
> > 192.168.1.0/25 not go through the tunnel
> > without adding a specific route for it?
>
> conn bypass
> left=@localip@
> leftsubnet=@localsubnet@
> right=@remoteip@
> rightsubnet=192.168.1.0/25
> type=passthrough
> auto=route
>
> Replace localip/localsubnet with the real addresses. The value of
> remoteip isn't that important.
So you create another tunnel statement specifying what to bypass in a
previously configured tunnel. So it will then just take the default
route in the table if their is not a more specific route?
Thanks a bunch,
Ted
More information about the Users
mailing list