[Openswan Users] setting routes with klips
Paul Wouters
paul at xelerance.com
Mon Oct 2 12:43:46 EDT 2006
On Mon, 2 Oct 2006, Christian Horn wrote:
> i am not able to use an established openswan/klips-tunnel
> to read additional networks.
That is correct.
> After establishing that tunnel i reach hosts from the
> rightsubnet as expected. What is the correct way to add
> 192.168.1.0/24 to be routed/encrypted using this tunnel?
Add a new connection to the configuration. It will re-use the
same phase-1.
> 'ipsec eroute --add --eraf inet --src 172.16.0.1/32 \
> --dst 192.168.1.0/24 --said tun0x1002 at 10.0.0.1'
> and add a route:
> 'ip r a 192.168.1.0/24 dev ipsec0'.
You cannot do that. You're missing IPsec policies in the kernel.
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list