[Openswan Users] gateway-to-gateway traffic is not encrypted

martin f krafft madduck at madduck.net
Sun Mar 6 17:59:45 CET 2005


I just finished setting up OpenS/WAN for the first time and am
really impressed by how nicely it's done. Specifically, I like the
fact that it integrated perfectly well with my existing PKI, and the
configuration file requires no more than 3-5 lines per peer. Good
job, guys (and some of this goes to the FreeS/WAN crew, of course).

Now I am left with a couple of problems, which I shall split across
separate emails.

First and foremost, I noticed that while the gateways happily tunnel
between two networks, and also tunnel between one gateway and hosts
behind the other, direct traffic between the hosts is not tunneled.
Is this at all supported? Given a standard roadwarrior to gateway
configuration (using x509), how can I make sure that traffic between
the roadwarrior and the gateway itself is encrypted?

-- 
martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net at madduck
 
invalid/expired pgp subkeys? use subkeys.pgp.net as keyserver!
spamtraps: madduck.bogus at madduck.net
 
a c programmer asked whether computers have buddha's nature.
as the answer, the master did "rm -rf" on the programmer's home
directory. and then the c programmer became enlightened...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.openswan.org/pipermail/users/attachments/20050306/74683799/attachment-0001.bin


More information about the Users mailing list