[Openswan Users] How do I set up openswan of an entire subnet?

Michael Tautschnig michael.tautschnig at zt-consulting.com
Thu Feb 24 02:09:36 CET 2005


[...]
>
> The gateway? I am not entirely sure what your plan was. I thought trying to route all
> traffic (0.0.0.0/0) via ipsec to the next machine (so all wifi gets encrypted)
>
>> If so, as tunnel mode is the only possible configuration to allow
>> "rightsubnet", aren't all packets then sent to %right ?
>
> Yes, all packets except tunnel packets are encapsulated and send to right. Wasn't that
> what you wanted?
>

Yes, sorry. The actual idea is:

My subnet is 192.168.0.0/26 with maybe 30 hosts - and all traffic *within* 
that network should be encrypted, because others might be listening in. I 
don't care about data leaving that network.

I was using racoon before, were I just set up a policy (using setkey) for 
192.168.0.0/26 - but because of some troubles in other situations I hoped, 
openswan would do better.

Thanks,
Michael


More information about the Users mailing list