[Openswan Users] Tunnel headends

Paul Wouters paul at xelerance.com
Fri Mar 23 19:47:28 EDT 2007

On Sat, 24 Mar 2007, Andrei-Florian Staicu wrote:

> > Add another tunnel. Most parameters will be the same as your existing
> > conn, just change rightsubnet= to rightsubnet=
> >
> I don't get it. Shouldn't
> ip route add src via
> on srvA work, since now i cand reach srvB from srvA?

no. An IPsec tunnel is not a virtual ethernet wire. It's a security
association with security paramters dictating what can and cannot
be send over that tunnel.

Building and integrating Virtual Private Networks with Openswan:

More information about the Users mailing list