[Openswan Users] Tunnel to 0.0.0.0/0 except some addresses
Markus
mlist at dlite.de
Sun Nov 27 12:47:13 CET 2005
Hi,
I have the following setup:
localnet1 -----\                          /----- localnet3
                router1 ---(untrusted)--- router2
localnet2 -----/                          \----- Internet
I have set up a tunnel between localnet1+localnet2 to 0.0.0.0/0. That works
nearly perfectly, I can reach localnet3 and the Internet without problems from
localnet1/2. But I cannot reach localnet2 from localnet1 as (I think)
router1 sends everything from localnet1 to router2 (which is not acceptable
as the connection between router1 and router2 is very slow). I think that I
need a tunnel which says "to 0.0.0.0/0 except localnet2" or a route on
router1 which overwrites the ipsec-routes (eroute?). Is that right? How can
I do this?
I am using on both routers:
openswan-2.4.4 on linux-2.6.8 (Debian sarge), same tested with openswan-2.2
--
Beste Grüße / best regards Markus