[Openswan Users] Multiple tunnels
Keun Lee
klee at magiqtech.com
Tue Apr 3 17:17:16 EDT 2007
Here's more info - hope this will make it clearer. -- Keun
eth1 eth1 eth2 eth2
A -------------- B -------------- C
| | | |
192.168.0.60 0.59 1.60 1.59
<----- ab -----> <----- bc ----->
<--------------- ac -------------->
ipsec.conf (some part deleted)
conn ab
left=192.168.0.60
right=192.168.0.59
conn bc
left=192.168.1.60
right=192.168.1.59
conn ac
left=192.168.0.60
right=192.168.1.59
When connection ac is started, I can ping from A to C
and tcpdump shows ESP packets between A and C.
Then I bring up connection ab and-or ac.
Then the traffic between A and C stops.
Node B apparently stops routing the packets.
The route talbe of B looks correct, though.
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.0.60 * 255.255.255.255 UH 0 0 0 ipsec0
192.168.1.0 * 255.255.255.0 U 0 0 0 eth2
192.168.1.0 * 255.255.255.0 U 0 0 0 ipsec1
192.168.0.0 * 255.255.255.0 U 0 0 0 eth1
192.168.0.0 * 255.255.255.0 U 0 0 0 ipsec0
> On Tue, 3 Apr 2007, Keun Lee wrote:
>
>> I am trying to configure a ring network. To start, I have a three
>> nodes (static routers) in seriese and would like to encrypt all
>> traffic among them.
>>
>> A ------ B ----- C
>>
>> I tried to construct three separate host-to-host tunnels (ab, bc, ac).
>> This doesn't work. Is there a good way to do this? I would like to
>> use up to 8 nodes in a ring.
>
> It should work. You'll have to provide more information for us to be
> able to tell you more.
>
> Paul
> --
> Building and integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
More information about the Users
mailing list