[Openswan Users] "Right Subnet" encryption exceptions
Paul Wouters
paul at xelerance.com
Tue Aug 12 16:49:23 EDT 2008
On Mon, 11 Aug 2008, Daniel Corbe wrote:
[found in postponed email]
> I'm peering with a Cisco device whose peering address is in
> the same subnet as their "right subnet". See the below
> config. On the Cisco side it's very easy to exclude an
> address from an encrypted subnet with an access list but
> there doesn't seem to be the same facilities in OpenSWAN.
> How do I go about excluding a specific /32 out of a right
> subnet?
Use a passthrough connection
conn passthrough
left=yourip
right=0.0.0.0
type=passthrough
auto=route
authby=never
Paul
More information about the Users
mailing list