[Openswan Users] Routing on a bigger network

John A. Sullivan III jsullivan at opensourcedevel.com
Mon Jan 31 12:08:53 CET 2005

Dave Stubbs wrote:
> Hello all,
> I have the following setup:
> --+ --+-- router -- 
> -------+
> ---+                                     |
> ---+                                 LinuxServer
>                                                         |
>                                                        VPN
>                                                         |
> -+                                 LinuxServer
> ---+                                     |
> ---+-- router -- ------+
> -+
> The VPN is an OpenSWAN IPSec tunnel through the internet, and each 
> immediate network at the end of the VPN is connected to lots of other 
> networks via various methods.  I've only shown 4 of them on each side, 
> but there are actually many more.  OpenSWAN works great for the two 
> subnets immediately attached to the two Linux Servers, but I want to be 
> able to have a machine on the network able to connect 
> to a machine on the segment.
> The main group of networks at the top could be summarized as 
> and the bottom ones could be summarized as 
> but not necessary.  There are plans to hook the top part to another 
> whole pile - say,
> It would be really nice to put OSPF on the two linux servers and have 
> them propagate routes through the VPN, but I'm reading that this is not 
> possible because OpenSWAN uses "policies", not "routes".  Is there any 
> example of how to do this?
> Thanks,
> Dave...
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
We are working on a project that will automatically create all the 
various connection definitions for you when you define the direct and 
indirectly connected networks on the gateway.  Unfortunately, ISCS is 
not ready yet (http://iscs.sourceforge.net).  I do not know if any one 
else has such an automated configurator available - John

John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan at opensourcedevel.com

Financially sustainable open source development

More information about the Users mailing list