[Openswan Users] How to route between tunnel
Frank hubrach
f.hubrach at spiekermann.de
Tue Aug 30 14:55:28 CEST 2005
> Hello List,
> I have problems routing between more than two subnets.
> The following constellation is used:
>
> SubNet A (192.168.20.0/24) ------- GW A (OpenSwan 2.3.1) ------ Internet ------ GW B (Openswan 2.3.1) --------- SubNet B (192.168.24.0/24)
>
> Internet ------ GW C (Openswan 2.3.1) -------- SubNet C (192.168.40.0/24)
>
> Internet ------ GW D (Openswan 2.3.1) -------- SubNet D (192.168.48.0/24)
>
> Internet ------ GW E (Openswan 2.3.1) --------- SubNet E (192.168.60.0/24)
>
> and so on ... up to 15 tunnels.
>
> Every tunnel can connect to GW A and works fine.
> But there must also be a connection for sending and receiving data between
> SubNets B C D E F etc.
>
>
> What can I do ... a separate config for every tunnel?
>
>
>
> My ipsec.conf:
> version 2.0
> config setup
>     interfaces=%defaultroute
>     klipsdebug=none
>     plutodebug=none
>     uniqueids=yes
>     forwardcontrol=yes
>
> conn %default
>     keylife=120m
>     keyingtries=2
>     disablearrivalcheck=no
>     authby=rsasig
>     left=IP of left device
>     leftnexthop=xx.yy.cc.dd
>     leftcert=/etc/ipsec.d/certs/left-cert.pem
>
> conn private
>     auto=ignore
>
> conn private-or-clear
>     auto=ignore
>
> conn clear
>     auto=ignore
>
> conn clear-or-private
>     auto=ignore
>
> conn block
>     auto=ignore
>
> conn OEself
>     auto=ignore
>
> conn packetdefault
>     auto=ignore
>
> conn SubC-SubA
>     right=%any
>     rightrsasigkey=%cert
>     rightid="right cert"
>     rightsubnet=192.168.40.0/24
>     leftsubnet=192.168.20.0/24
>     auto=add
>
> conn SubB-SubA
>     right=%any
>     rightrsasigkey=%cert
>     rightid="right cert2"
>     rightsubnet=192.168.24.0/24
>     leftsubnet=192.168.20.0/24
>     auto=add
>