[Openswan Users] Tunnel headends
Andrei-Florian Staicu
andrei.staicu at ipso.ro
Sat Mar 24 04:54:44 EDT 2007
Andy Gay wrote:
>
> No. That's a common misconception. You need to remember that IPsec
> tunnels have a policy associated with them, that's what you're
> configuring in your left/rightsubnet entries. No packets will be allowed
> into the tunnel unless their source and destination addresses are both
> inside those networks.
>
> It's easy to add additional tunnels though.
>
This is a little bit awkward. I was hoping to get a virtual wire. My
tunnel example was simplistic, because behind each server i have at
least 4 private subnets. If what you are saying is true, for 2 locations
with 4 subnets each, i need 16 tunnels. And i have 12 locations.
Thanks for all your help, it seems i'm back to the drawing board.
--
Andrei-Florian STAICU
Network administrator
Tel: (+40) 741.227.014
IPSO S.A.
More information about the Users
mailing list