[Openswan Users] Multiple subnets through 1 tunnel

Sebastian Wild sw at cronon.org
Tue Sep 9 10:45:17 EDT 2008


I had the same here. My VPN (L2TP over ipsec) has 10.0.1.0/24 and works 
fine so far.
Now I needed access to our intranet which is a different subnet that is 
not reachable from outside but the vpn server can reach it.

So all i did was

a) set up masquerading from vpn to lan interface on the vpn server

b) set up a network route to tell my client that it shall route all 
traffic for the intranet subnet via the vpn.
On MacOS/BSD you do this with

     route add -net <destinationsubnet> <gateway>
     where the gateway is your vpn interface's ip address!

then it worked fine for me
just that the network route dies if you disconnect the vpn hence the 
interface is gone then ;)
But this could probably be worked around by using some persistent route :)

hope that helps

cheers
Sebastian



Andy Van den Heede wrote:
>
> Hello,
>
> I have a successful VPN tunnel between my local subnet 192.168.1.0/24 
> (Openswan device) and an external subnet 192.168.2.0/24 (Another 
> device not managed by me).
>
> At the other device there is also another subnet 172.16.2.0/24 active 
> that I need to access through this tunnel.
>
> How can I configure my device to route this also through this existent 
> tunnel?
>
> I did a test with following command:
>
> ip route add 172.16.2.0/24 via 192.168.2.254 dev eth0 src 192.168.1.254
>
> But I get this error:
>
> RTNETLINK answers: Network is unreachable
>
> Thanks in advice,
>
> Andy Van den Heede
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>    

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3306 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.openswan.org/pipermail/users/attachments/20080909/4a8400fa/attachment-0001.bin 


More information about the Users mailing list