[Openswan Users] Transport mode over multiple hops

George Hadjichristofi ghadjich at vt.edu
Thu Dec 15 13:25:05 CET 2005


Hi, 

I am trying to establish an IPsec security association in transport mode
over multiple hops.

I currently have this network configuration:
G1(10.0.0.1)----G2(10.0.0.2)------G3(10.0.0.3)
This configuration represents a small mesh/mobile ad hoc network.
 
I am using the built-in kernel with Openswan.
 
On G1 the routing table is set up so that G1 can reach 10.0.0.3 by using
10.0.0.2.
In the same way, on G3 the routing table is set up so that 10.0.0.1 can
be reached by using 10.0.0.2.
If I establish an IPsec tunnel in transport mode between G1 and G3 then
the routing table is modified such that G1 is directly connected to G3
and vice versa. At this point G1 and G3 can no longer communicate
with each other.
 
Why does this change happen? Does it originate from Openswan or the
built-in kernel IPsec?
Is there a way to stop this change in the routing table?
 
Note that the IPsec tunnel works if G1 is directly connected to G3.
 
Thanks
George
 


