[Openswan Users] routing question
John A. Sullivan III
jsullivan at opensourcedevel.com
Wed Jan 18 16:50:51 CET 2006
On Wed, 2006-01-18 at 22:29 +0100, Andreas Lüdtke wrote:
> I have a working vpn connection between let's say 10.0.1.0/24 (my Openswan router) and
> 10.0.2.0/24 (company gateway). The company gateway is handling routes to other
> destinations (also via vpn) i.e. 10.0.3.0/24.
>
> My problem is now that I want to reach 10.0.3.0/24 via the company gateway 10.0.2.1 from
> 10.0.1.0. I tried to set a route to 10.0.3.0/24 via the "route" command. Obviously I must
> have done something wrong with the route command because it's not working.
>
> ipsec eroute gives me:
> 3 10.0.1.0/24 -> 10.0.2.0/24 => tun0x1002 at 12.34.56.78
>
> Now my question: is this the right way to achieve this or do I need to enter this route
> via ipsec eroute or ipsec.conf? I would like see an additional route to 10.0.3.0/24 when I
> run ipsec eroute...
>
<snip>
If I understand you correctly, then you either need to add another
connection definition for a tunnel between 10.0.1.0/24 and 10.0.3.0/24
or you need to change the subnet mask in the existing definition to 23
bits, i.e., a tunnel between 10.0.1.0/24 and 10.0.2.0/23. Of course,
the mask must agree on both sides of the tunnel. Hope this helps - John
--
John A. Sullivan III
Open Source Development Corporation
+1 207-985-7880
jsullivan at opensourcedevel.com
If you would like to participate in the development of an open source
enterprise class network security management system, please visit
http://iscs.sourceforge.net
More information about the Users
mailing list