[Openswan Users] several separated hosts per connection possible?

lee hughes toxicnaan at gmail.com
Thu May 12 02:53:55 CEST 2005 

is it just a matter of add extra 'routes' at both ends when the ipsec
tunnel is up,?

I've heard you can run ospf as a routing protocol if your using gre,
so take away all that static configuration, you need to be running
ospf at both ends...
I may set up a test box on the internet, and configure it for this,
would anyone out the like to be my 'vpn' buddy, and see if we can get
a 'meta' net going, just for fun!

Laters,


On 5/11/05, Markus Feilner <lists at feilner-it.net> wrote:
> Am Mittwoch, 11. Mai 2005 15:03 schrieb Markus Feilner:
> > Hello list,
> > I have an existing vpn tunnel with openswan ipsec under kernel 2.6.
> > the tunnel is from one host to another, the subnet declaration is
> > x.x.x.x/32 for left and right.
> > Now we need to add some hosts in different subnets to this tunnel.
> > I would prefer defining more tunnels, but the vpn partner on the other side
> > (cisco pix) cannot define more tunnels, but he can add single hosts to this
> > tunnel regardless of the netmask.
> >
> > Is it possible that i add hosts to this tunnel like simply stating.
> > leftsubnet=a.a.a.a/32,b.b.b.b/32,c.c.c.c/32 ?
> >
> > I do not want to use a /14 or /15 subnet (which would be the other
> > solution)
> >
> > Please note that i cannot use OE.
> Ok, I guess DNAT and SNAT with iptables is the best solution for this,
> but has anybody any documentation about that?
> --
> Mit freundlichen Grüßen,
> Markus Feilner
> 
> --------------------------
> Feilner IT Linux & GIS
> Linux Solutions, Training, Seminare und Workshops - auch Inhouse
> Beraiterweg 4 93047 Regensburg
> fon +49 941 9465243 fax +49 941 9465244 mobil + +49 170 3027092
> skype ID: mfeilner mail: mfeilner at feilner-it.net
> 
> --
> mit freundlichen Grüssen,
> Markus Feilner
> --
> Feilner IT Linux & GIS
> Linux Solutions, Training, Seminare und Workshops - auch Inhouse
> Beraiterweg 4 93047 Regensburg
> fon +49 941 9465243 fax +49 941 9465244 mobil + +49 170 3027092
> mail mfeilner at feilner-it.net web http://www.feilner-it.net
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
>

More information about the Users mailing list