[Openswan Users] NET (roadwarrior) - To - NET connection is possible?

Paul Wouters paul at xelerance.com
Sat Jun 11 01:36:32 CEST 2005


On Thu, 9 Jun 2005, Randy B wrote:

> Here's my question: why do we do net-to-net connections?  Someone slap
> me and tell me what this offers over setting up a host-to-host between
> gateways and just setting up proper routes?

Security. You cannot 'route add' into ipsec tunnels. There are ipsec
policies involved. Any packet with some strange src/dst will not be
allowed to go through the tunnel, unless it follows tunnel policies.

Paul
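
The policy check described in the reply above, as an added example that is not part of the original post and is not Openswan code: a simplified model of tunnel selectors, showing which packets a gateway-to-gateway (host-to-host) policy and a net-to-net policy will admit. The addresses, policy names and function names are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class TunnelPolicy:
    """One tunnel policy: the src/dst selectors a packet must match."""
    name: str
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network

    def matches(self, src_ip, dst_ip):
        return (ipaddress.ip_address(src_ip) in self.src
                and ipaddress.ip_address(dst_ip) in self.dst)


def policy(name, src, dst):
    return TunnelPolicy(name, ipaddress.ip_network(src), ipaddress.ip_network(dst))


def outbound_decision(policies, src_ip, dst_ip):
    """Return the name of the policy that admits this packet, or None.

    None means no tunnel policy covers the packet, so it does not go
    through the tunnel, whatever the routing table says.
    """
    for p in policies:
        if p.matches(src_ip, dst_ip):
            return p.name
    return None


# Constructed addresses (documentation and RFC 1918 ranges), not from the post.
GW_A, GW_B = "192.0.2.1", "198.51.100.1"
HOST_TO_HOST = [policy("gw-gw", GW_A + "/32", GW_B + "/32")]
NET_TO_NET = [policy("net-net", "10.1.0.0/16", "10.2.0.0/16")]


def demo():
    packets = [
        ("10.1.0.5", "10.2.0.9"),    # LAN A host to LAN B host
        (GW_A, GW_B),                # gateway to gateway
        ("172.16.0.7", "10.2.0.9"),  # unexpected source routed at the gateway
    ]
    return [(s, d, outbound_decision(HOST_TO_HOST, s, d),
             outbound_decision(NET_TO_NET, s, d)) for s, d in packets]


if __name__ == "__main__":
    for row in demo():
        print(row)
```

With only the host-to-host policy, LAN traffic matches no selector even if a route points it at the peer gateway; with the net-to-net policy, only packets whose source and destination both fall inside the declared subnets are admitted.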

