[Openswan Users] Odd route problem

Gary W. Smith gary at primeexalia.com
Mon Apr 11 00:21:44 CEST 2005

I've created separate cons for each one and it works (as expected) but I
end up with 14 routes per site.  I guess the proper long term strategy
would be to ensure that the ranges for each site setup based on
different subnets.


-----Original Message-----
From: Tomasz Grzelak [mailto:tgrzelak at wktpolska.com.pl] 
Sent: Sunday, April 10, 2005 10:55 PM
To: Gary W. Smith; users at openswan.org
Subject: Re: [Openswan Users] Odd route problem

Gary W. Smith wrote:

> Hello,

> I have a bunch of odd routes at one end of the tunnel that I would 
> like to access with an ipsec tunnel but I have been running into
> I have a couple different subnets on the server side, 
>, and The network that I'm trying 
> to connect up is I added to the .conf file 
> and was able to establish the connection from the server and ping to 
> the remote network but once I do that all of my requests for the local

> network are going through the tunnel. This seems to be an expected 
> side effect of the
> Shouldn't ipsec see the as a local network?
no, it shouldn't. A subnet is something like an aggregate 
route for the networks above, and it covers all of your networks because

of the mask. Define different conns for your networks with the mask, leaving the subnet.

Tomasz Grzelak

More information about the Users mailing list