[Openswan Users] Tunnel headends
Paul Wouters
paul at xelerance.com
Fri Mar 23 19:47:28 EDT 2007
On Sat, 24 Mar 2007, Andrei-Florian Staicu wrote:
> > Add another tunnel. Most parameters will be the same as your existing
> > conn, just change rightsubnet=192.168.4.0/24 to rightsubnet=10.0.0.0/24.
> >
> I don't get it. Shouldn't
> ip route add 10.0.0.0/24 src 192.168.3.1 via 192.168.4.1
> on srvA work, since now i cand reach srvB from srvA?
no. An IPsec tunnel is not a virtual ethernet wire. It's a security
association with security paramters dictating what can and cannot
be send over that tunnel.
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list