[Openswan Users] "Right Subnet" encryption exceptions
Daniel Corbe
daniel.junkmail at gmail.com
Mon Aug 11 16:07:01 EDT 2008
Guys,
I'm peering with a Cisco device whose peering address is in the same subnet
as their "right subnet". See the below config. On the Cisco side it's very
easy to exclude an address from an encrypted subnet with an access list but
there doesn't seem to be the same facilities in OpenSWAN. How do I go about
excluding a specific /32 out of a right subnet?
conn telcentris-3
auto = start
ike = 3des-md5
esp = 3des-md5
ikelifetime = 86400s
keylife = 3600s
pfs = no
leftsubnet = 63.175.30.89/32
right = 208.90.33.250
rightsubnet = 208.90.33.0/24
-Daniel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080811/02c6795f/attachment.html
More information about the Users
mailing list