[Openswan Users] routing question

Andreas Lüdtke andi.luedtke at gmx.de
Thu Jan 19 09:20:14 CET 2006

> > Now my question: is this the right way to achieve this or do I need to enter this
> > via ipsec eroute or ipsec.conf? I would like see an additional route to
when I
> > run ipsec eroute...
> > 
> <snip>
> If I understand you correctly, then you either need to add another
> connection definition for a tunnel between and
> or you need to change the subnet mask in the existing definition to 23
> bits, i.e., a tunnel between and  Of course,
> the mask must agree on both sides of the tunnel.  Hope this 
> helps - John


you did understood me right. My idea was to use one tunnel to the company gateway, because
this gateway handles the routes to all other destinations. When I use a different subnet
mask (i.e., I can reach the other nets, but when the company gateway is
trying to establish a connection from to, then the Openswan on says it has no connection for Or should I use two connections: one
for outgoing and one for incoming?

Is there a possibility to add additional routes for a given vpn tunnel?

More information about the Users mailing list