[Openswan Users] Change routing in openswan server

Arnel B. Espanola aespanola at arts.ucla.edu
Wed Jun 11 18:03:32 EDT 2008


I have two interfaces in my openswan server and they are on different 
networks. To illustrate it, let's name them Eth0 (public) and 
Eth1 (private). The Eth0 has the IP address of VPN (1.2) where 
unauthenticated clients connect. And Eth1 has the IP address (2.2) that 
is in the same network of authenticated clients. I've noticed what's 
happening when clients connect to the VPN (1.2) and then get 
authenticated it will get routed back to 1.1 (g/w of Eth0). I'd like, if 
possible, all authenticated clients' traffic to be routed to Eth1 after 
passing the authentication. The reason I want to do this is to secure 
the authenticated network (1.1.2.x). Does anyone know how it can be 

                      Eth0    VPN    Eth1
1.1.1.x|gateway|---------| openswan |----------|gateway|1.1.2.x
               1.1      1.2         2.2        2.1

Any help or suggestions on how this can be set up will be greatly 

