[Openswan Users] Routing on a bigger network
Dave Stubbs
dave.stubbs at utoronto.ca
Mon Jan 31 11:35:22 CET 2005
Uh, let's send that txt diagram again:
10.151.169.32/27 --+
10.151.137.32/27 --+-- router -- 10.151.177.64/27 -------+
10.151.178.0/24 ---+                                     |
10.151.128.0/24 ---+                                LinuxServer
                                                         |
                                                        VPN
                                                         |
10.135.202.192/27 -+                                LinuxServer
10.135.200.0/24 ---+                                     |
10.135.201.0/24 ---+-- router -- 10.135.202.224/27 ------+
10.135.203.224/27 -+
Hope that helps
Dave...
Dave Stubbs wrote:
> Hello all,
>
> I have the following setup:
>
>
> 10.151.169.32/27 --+ 10.151.137.32/27 --+-- router -- 10.151.177.64/27
> -------+
> 10.151.178.0/24 ---+ |
> 10.151.128.0/24 ---+ LinuxServer
> |
> VPN
> |
> 10.135.202.192/27 -+ LinuxServer
> 10.135.200.0/24 ---+ |
> 10.135.201.0/24 ---+-- router -- 10.135.202.224/27 ------+
> 10.135.203.224/27 -+
>
> The VPN is an OpenSWAN IPSec tunnel through the internet, and each
> immediate network at the end of the VPN is connected to lots of other
> networks via various methods. I've only shown 4 of them on each side,
> but there are actually many more. OpenSWAN works great for the two
> subnets immediately attached to the two Linux Servers, but I want to
> be able to have a machine on the 10.151.169.32/27 network able to
> connect to a machine on the 10.130.203.224/27 segment.
> The main group of networks at the top could be summarized as
> 10.151.0.0/16 and the bottom ones could be summarized as 10.135.0.0/16
> but not necessary. There are plans to hook the top part to another
> whole pile - say, 10.148.0.0/16.
>
> It would be really nice to put OSPF on the two Linux servers and have
> them propagate routes through the VPN, but I'm reading that this is
> not possible because OpenSWAN uses "policies", not "routes". Is there
> any example of how to do this?
> Thanks,
>
> Dave...