[Openswan Users] Problem with the traffic

Jacco de Leeuw jacco2 at dds.nl
Wed Jan 4 23:46:39 CET 2006

Albert Sanuy Goñi wrote:

> I've configured a server with L2TP/IPSEC x509 like roadwarrior.
> My problem is that the clients send all the traffic by the tunnel and I
> don't want it.

What you want then is 'split tunnelling':
Note that this is generally regarded to be less secure.

> I want the clients only send by the tunnel the packets that have as a
> destination address the server address.

I am not sure if you really want that. If the destination address is the
external IP address then you cannot do that with L2TP/IPsec. You probably
meant the internal IP address of the server or the entire internal subnet.
Then what you want will work.

Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl
                     Mosquitos suck

More information about the Users mailing list