[Openswan Users] ipsec can't route pakets comming out of the tunnel
e.lohmann at ic3s.de
Fri Dec 4 10:11:43 EST 2009
I am comming from Kernel 2.4 where IPSec has an interface and routing,
filtering was no problem.
With Kernel 2.6 it's a mess, I have a running IPSec Tunnel with
10.4.0.0/16[any] 0.0.0.0/0[any] any
0.0.0.0/0[any] 10.4.0.0/16[any] any
Pakets comming from 10.4.0.0/16 with any destination other than 10.4.0.0
can be routed and filtered.
Pakets comming from 10.4.0.0/16 with a destination in 10.4.0.0/16 can be
filtered but can't be routed.
I have tried iptables with marks, iptables with policy match but the
pakets with a destination to 10.4.0.0/16 are allways send into the
My constellation is maybe a rare example, but I can't change it.
Many thanks for your help
More information about the Users