[Openswan Users] Tunnel / Routing Woes
Bryan McAninch
bryan at mcaninch.org
Thu Nov 10 13:09:06 CET 2005
Hi all,
I have a firewall/endpoint with two net-to-net tunnels currently
established. I would like the endpoint itself to also be able to talk to
the remote networks, but I am unable to figure out how to do so. I have
read some old FreeSWAN documentation on using the 'ip' utility to accomplish
this, but it still seems a bit unclear.
The existing tunnels are defined as such:
conn netA-netB
    left=a.b.c.d
    leftsubnet=10.64.71.0/24
    right=e.f.g.h
    rightsubnet=10.64.0.0/19
    authby=secret
    auto=start

conn netB-netA
    left=a.b.c.d
    leftsubnet=10.64.71.0/24
    right=e.f.g.h
    rightsubnet=172.30.0.0/16
    authby=secret
    auto=start
I would like the endpoint, a.b.c.d, to be able to communicate with both
the 10.64.0.0/19 and 172.30.0.0/16 subnets (for syslog, etc).
[root@endpoint] ip route get 10.64.0.0/19
10.64.0.0 via a.b.c.d dev ipsec0 src a.b.c.d
    cache mtu 16260 advmss 16220
[root@endpoint] ip route get 172.30.0.0/16
172.30.0.0 via a.b.c.d dev ipsec0 src a.b.c.d
    cache mtu 16260 advmss 16220
Any pointers?
Thanks in advance,
Bryan
--
"He who exercises no forethought but makes light of his opponents is sure to
be captured by them" - Sūn Zǐ, The Art of War