[Openswan Users] openswan routes

Paul Wouters paul at xelerance.com
Mon Apr 16 22:39:44 EDT 2007


On Sun, 15 Apr 2007, dcyspm wrote:

> I have a configuration where I need one tunnel on my
> internal network, and another over the internet.  Both
> tunnels work.  What I want to do now is to route
> packets from the source of the internal tunnel through
> the tunnel to my firewall and then through the second
> tunnel.  Packets will go through either tunnel, but
> they will not go through both.
> Tunnels:
>
> 192.168.50.0/24 -- <internal corporate network > --
> <other internal corporate network> -- 192.168.40.0/24
> (works, packets from 192.168.50.x are encrypted and
> reach 192.168.40.x)
>
> 192.168.40.0/24 -- <internet address my side> --
> <internet address remote side> -- 10.10.70.0/24
> (works packets from 192.168.40.x reach 10.10.70.x)
>
> I am trying to get packets from 192.168.50.x to
> 10.10.70.x.

You will need to create two IPsec tunnels with
leftsubnet=192.168.50.0/24 and rightsubnet=10.10.70.0/24,
one for each "leg" of the trip. So they will have a different left/right
combination (one for the inside LAN and one for the outside connection).

Paul
-- 
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
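
The two legs described in the reply above, as an added ipsec.conf sketch that is not part of the original message. The conn names and all four gateway addresses are assumptions (documentation-range placeholders); only the two subnets come from the thread.

```conf
# Added example, not from the original thread.
# Placeholder gateway addresses (assumed, replace with the real ones):
#   192.0.2.10    gateway in front of 192.168.50.0/24
#   192.0.2.20    firewall, internal corporate side
#   198.51.100.1  firewall, internet side
#   203.0.113.1   remote gateway in front of 10.10.70.0/24
# Authentication settings (authby, keys or secrets) are omitted here and are
# assumed to match the existing working tunnels.

# Leg 1: inside LAN. Loaded on the internal gateway and on the firewall.
conn leg1-inside
    left=192.0.2.10
    leftsubnet=192.168.50.0/24
    right=192.0.2.20
    rightsubnet=10.10.70.0/24
    auto=start

# Leg 2: outside connection. Loaded on the firewall and on the remote gateway.
# Same leftsubnet/rightsubnet pair as leg 1, different left/right endpoints.
conn leg2-outside
    left=198.51.100.1
    leftsubnet=192.168.50.0/24
    right=203.0.113.1
    rightsubnet=10.10.70.0/24
    auto=start
```

These conns sit alongside the two existing tunnels, and the remote gateway has to accept 192.168.50.0/24 as a peer subnet for leg 2 to come up. Traffic is decrypted and re-encrypted on the firewall between the legs, so it is in cleartext on that host and subject to its forwarding and filtering rules.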

