[Openswan Users] gateway-to-gateway traffic is not encrypted

martin f krafft madduck at madduck.net
Tue Mar 8 08:25:26 CET 2005

also sprach Paul Wouters <paul at xelerance.com> [2005.03.07.1955 +0100]:
> If your gateway uses it's public IP as source, then it will not fall
> without the net-to-net ipsec policy and go out plaintext. You can
> either define a host-host and/or host-net and net-host tunnels to
> cover all combinations, or add a left/rightsourceip= pointing to
> the internal IP address to change the default src address used
> for traffic on the gateways.

Awesome, leftsourceip is exactly what I wanted/needed. Thank you
thank you thank you.

martin;              (greetings from the heart of the sun.)
  \____ echo mailto: !#^."<*>"|tr "<*> mailto:" net at madduck
invalid/expired pgp subkeys? use subkeys.pgp.net as keyserver!
spamtraps: madduck.bogus at madduck.net
"everyone has a little secret he keeps,
 i like the fires when the city sleeps."
                                                  -- mc 900 ft jesus
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.openswan.org/pipermail/users/attachments/20050308/82087665/attachment.bin

More information about the Users mailing list