[Openswan Users] Pass through connections

Philip Mountifield pmountifield at formac.net
Mon Dec 22 07:33:52 EST 2008


Hi all,

I have what should be a trivial task to achieve but I can't seem to find 
the appropriate configuration.

I have 2 Openswan servers, one in the subnet 192.168.1.0/24 and one in 
the subnet 192.168.0.0/16. I have a tunnel between the two. The obvious 
problem is that when the tunnel is up the 192.168.1.0/24 end of the 
tunnel sends all the traffic down the tunnel, as you expect with netkey. 
So I want to add a passthrough on the 192.168.1.0/24 end of the tunnel 
for local traffic to skip the ipsec processing. I have tried more 
variations of this passthrough connection than I'd care to count but in 
no situation have I been able to communicate locally at 192.168.1.0/24 
when the tunnel is up!

Could someone please clarify how this connection should be done as it 
does not seem to work when set up as the example in the big openswan book 
or any others I've found on the web.

Additional info: Local end of vpn tunnel running with a public ip 
aliased to the eth0 device which gets routed properly, remote end is 
directly connected to internet.

Kind regards

Philip

-- 

Philip Mountifield
Formac Electronics Ltd
tel  +44 (0) 1225 338176
fax  +44 (0) 1225 446094
pmountifield at formac.net
www.formac.net




