[Openswan Users] Tunnel headends

Andrei-Florian Staicu andrei.staicu at ipso.ro
Sat Mar 24 04:54:44 EDT 2007


Andy Gay wrote:
>
> No. That's a common misconception. You need to remember that IPsec
> tunnels have a policy associated with them, that's what you're
> configuring in your left/rightsubnet entries. No packets will be allowed
> into the tunnel unless their source and destination addresses are both
> inside those networks.
>
> It's easy to add additional tunnels though.
>   
This is a little bit awkward. I was hoping to get a virtual wire. My 
tunnel example was simplistic, because behind each server i have at 
least 4 private subnets. If what you are saying is true, for 2 locations 
with 4 subnets each, i need 16 tunnels. And i have 12 locations.

Thanks for all your help, it seems i'm back to the drawing board.

-- 
Andrei-Florian STAICU
Network administrator
Tel: (+40) 741.227.014
IPSO S.A.




More information about the Users mailing list