[Openswan Users] routes in openswan and kernel 2.6
Ethy H. Brito
ethy.brito at inexo.com.br
Thu Jun 21 23:15:51 EDT 2007
On Thu, 21 Jun 2007 12:15:05 -0400
"Peter McGill" <petermcgill at goco.net> wrote:
> > So, I can ping D (10.25.215.254) from A (192.168.10.8) (NATed to
> > 10.25.215.8) but can't ping 172.16.x.x due to the lack of a route at B
> > that send those packets thru the ipsec tunnel.
> >
> > I tried adding this route via 'ip route" but obviously it did
> > not worked.
> >
> > How can I add this missing route to the net behind D ??
> >
> > Ethy
>
> You cannot use ip route or route to add routes through the tunnels, you
> Must add subnets, like so...
>
> conn subnet1
> also=shared
> leftsubnet=192.168.10.0/24
> rightsubnet=10.24.215.0/24
> auto=start
>
> conn subnet2
> also=shared
> leftsubnet=192.168.10.0/24
> righsubnet=172.16.0.0/16
> auto=start
>
> conn shared
> left=A.B.C.D
> right=X.Y.T.Z
> etc...
Hi
That tip did the trick. I can now ping from A to the net behind D.
Thanx
Regards
Ethy
More information about the Users
mailing list