[Openswan Users] Transport mode over multiple hops

George Hadjichristofi ghadjich at vt.edu
Thu Dec 15 13:25:05 CET 2005


I am trying to establish an ipsec security association in transport mode
over multiple hops.

I currently have this network configuration:
This configuration represents a small mesh/mobile ad hoc network.
I am using the built-in kernel with Openswan.
On G1 the routing table is set up so that G1 can reach by using
In the same way, on G3 the routing table is set up so that can
be reached by using
If I establish an IPsec tunnel in transport mode between G1 and G3 then
the routing table is modified such that G1 is directly connected to G3
and vice versa. At this point G1 and G3 can no longer communicate
with each other.
Why does this change happen? Does it originate from Openswan or the
built-in kernel IPsec?
Is there a way to stop this change in the routing table?
Note that the IPsec tunnel works if G1 is directly connected to G3.
