[Openswan Users] Problem with default route on tunnel
Andy Gay
andy at andynet.net
Mon Apr 23 09:31:02 EDT 2007
On Mon, 2007-04-23 at 11:54 +0200, Harald Scharf wrote:
> Hello, list
>
>
>
> We want to make our vpn mesh network to use an ipsec tunnel
>
> as default route to the central site, so that any unknown traffic
> (with no explicit vpn destination) uses
>
> the central firewall policies.
>
> The connection becomes established, but the problem is, that any
>
> local routes on the vpn box (witch acts as default gw for the LAN
> clients) are no longer accessible.
>
>
>
> For explanation:
>
> We have the WAN Interface, the LAN Interface and the DMZ interface.
>
> If the tunnel is set to “leftsubnet=0/0” or “leftsubnet=128.0.0.0/0”
>
> then ALL packets are using the tunnel, also these, which should
>
> be routed locally (to the DMZ).
>
>
>
> Any ideas, what I can do to get this working properly?
Check out these threads on the same subject:
http://lists.openswan.org/pipermail/users/2006-August/010409.html
http://lists.openswan.org/pipermail/users/2006-August/010463.html
http://lists.openswan.org/pipermail/users/2006-August/010472.html
>
>
>
> Kind regards
>
>
>
> Harald
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
>
> NESTEC - Die IT Security & Messaging Distribution mit Personlichkeit
> GFi Software - BitDefender - NOD32 - BRICKS ISS - pdfMachine
> 2X Terminal & ThinClient Solutions -Accunetix
> Besuchen Sie uns: www.nestec.at
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list