[Openswan Users] How to route between tunnel
Frank hubrach
f.hubrach at spiekermann.de
Fri Aug 26 15:23:47 CEST 2005
Hello List,

I have problems routing between more than two subnets.
The following constellation is used:

SubNet A (192.168.20.0/24) ------- GW A (Openswan 2.3.1) ------ Internet
    Internet ------ GW B (Openswan 2.3.1) ------- SubNet B (192.168.24.0/24)
    Internet ------ GW C (Openswan 2.3.1) ------- SubNet C (192.168.40.0/24)
    Internet ------ GW D (Openswan 2.3.1) ------- SubNet D (192.168.48.0/24)
    Internet ------ GW E (Openswan 2.3.1) ------- SubNet E (192.168.60.0/24)

and so on ... up to 15 tunnels.

Every tunnel can connect to GW A and works fine.
But there must also be a connection to send and receive data between
SubNets B, C, D, E, F etc.

What can I do ... a separate config for every tunnel?

My ipsec.conf:

version 2.0

config setup
    interfaces=%defaultroute
    klipsdebug=none
    plutodebug=none
    uniqueids=yes
    forwardcontrol=yes

conn %default
    keylife=120m
    keyingtries=2
    disablearrivalcheck=no
    authby=rsasig
    left=IP of left device
    leftnexthop=xx.yy.cc.dd
    leftcert=/etc/ipsec.d/certs/left-cert.pem

conn private
    auto=ignore

conn private-or-clear
    auto=ignore

conn clear
    auto=ignore

conn clear-or-private
    auto=ignore

conn block
    auto=ignore

conn OEself
    auto=ignore

conn packetdefault
    auto=ignore

conn SubC-SubA
    right=%any
    rightrsasigkey=%cert
    rightid="right cert"
    rightsubnet=192.168.40.0/24
    leftsubnet=192.168.20.0/24
    auto=add

conn SubB-SubA
    right=%any
    rightrsasigkey=%cert
    rightid="right cert2"
    rightsubnet=192.168.24.0/24
    leftsubnet=192.168.20.0/24
    auto=add
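
Added example, not part of the original post: a small Python check that parses conn sections in the format posted above and lists every pair of subnets that no conn's leftsubnet/rightsubnet pair matches. The sample text is constructed from the two subnet-bearing conns in the post, and the function names parse_conns and uncovered_pairs are hypothetical.

```python
import ipaddress
from itertools import combinations

# Constructed sample: a cut-down copy of the posted ipsec.conf, indented.
SAMPLE_CONF = """\
config setup
    interfaces=%defaultroute
conn block
    auto=ignore
conn SubC-SubA
    right=%any
    rightsubnet=192.168.40.0/24
    leftsubnet=192.168.20.0/24
    auto=add
conn SubB-SubA
    right=%any
    rightsubnet=192.168.24.0/24
    leftsubnet=192.168.20.0/24
    auto=add
"""

def parse_conns(text):
    """Return {conn name: {key: value}} for every 'conn' section."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments and indentation
        if line.startswith("conn "):
            current = conns.setdefault(line.split(None, 1)[1], {})
        elif line.startswith(("config ", "version ")):
            current = None                       # not a conn section
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip().strip('"')
    return conns

def uncovered_pairs(conns):
    """Subnet pairs named in the config that no conn's selectors match."""
    pairs = {frozenset(ipaddress.ip_network(o[k]) for k in ("leftsubnet", "rightsubnet"))
             for o in conns.values() if "leftsubnet" in o and "rightsubnet" in o}
    nets = sorted(set().union(*pairs))
    return [(a, b) for a, b in combinations(nets, 2) if frozenset((a, b)) not in pairs]

print(uncovered_pairs(parse_conns(SAMPLE_CONF)))
```

For the two conns shown, the only pair reported is SubNet B and SubNet C, the traffic the post says cannot pass.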