[Openswan Users] openswan routes

Paul Wouters paul at xelerance.com
Mon Apr 16 22:39:44 EDT 2007

On Sun, 15 Apr 2007, dcyspm wrote:

> I have a configuration where I need one tunnel on my
> internal network, and another over the internet.  Both
> tunnels work.  What I want to do now is to route
> packets from the source of the internal tunnel through
> the tunnel to my firewall and then through the second
> tunnel.  Packets will go through either tunnel, but
> they will not go through both.
> Tunnels:
> -- <internal corporate network > --
> <other internal corporate network> --
> (works, packets from 192.168.50.x are encrypted and
> reach 192.168.40.x)
> -- <internet address my side> --
> <internent address remote side> --
> (works packets from 192.168.40.x reach 10.10.70.x)
> I am trying to get packets from 192.168.50.x to
> 10.10.70.x.

You will need to create two ipsec tunnels with
leftsubnet= and rightsubnet=
for each "leg" of the trip. So they will have a different left/right
combination (one for the inside lan and one for the outside connection)

Building and integrating Virtual Private Networks with Openswan:

More information about the Users mailing list