[Openswan Users] route to a second subnet behind the gate?
John A. Sullivan III
jsullivan at opensourcedevel.com
Tue Aug 23 15:22:47 CEST 2005
On Tue, 2005-08-23 at 18:39 +0200, Foren wrote:
> hello users,
>
> I have set up an Ipsec Ipsec tunnel from openswan 2.3.1 to 2.4.0rc1.
>
> The subnet behind the gateway is accessible. this subnet is direct connected
> to the gateway. Now in our business we have another subnet.
>
> Is it possible to automaticly add a second route when I establish the tunnel?
<snip>
As long as the gateway knows how to get to the indirect route, i.e., its
routing tables are correct, it should be quite simple. You will simply
need another connection definition (conn section) where [left|
right]subnet=<indirect network> rather than the direct network. You may
find the "also" parameter helpful here if the two subnets share
characteristics that are different from the %default section.
If it just so happens that the two networks can be described in one
supernet, e.g., 192.168.2.0/23 for 192.168.2.0/24 and 192.168.3.0/24,
you could create a single connection definition with the supernet. Good
luck - John
--
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan at opensourcedevel.com
If you would like to participate in the development of an open source
enterprise class network security management system, please visit
http://iscs.sourceforge.net
More information about the Users
mailing list