[Openswan Users] Multiple IKE destinations in config file
Paul Wouters
paul at xelerance.com
Wed Feb 25 13:17:08 EST 2009
On Wed, 25 Feb 2009, ss murthy nittala wrote:
> Suppose if multiple IKE conns are defined using different destination
> gateways.Can we specify separate leftsubnet,rightsubnet values for
> each of these IKE connections?
yes.
> How do we associate them using
> configuration commands.My idea is to direct different data flows
> through different IKE tunnels.
openswan automatically re-uses a phase1 if two conns share it. Other
then that, it is just two different tunnels, so:
conn one
left=1.2.3.4
right=5.6.7.8
leftsubnet=10.0.0.0/24
rightsubnet=10.0.1.0/24
conn two
left=1.2.3.4
right=2.2.2.2
leftsubnet=10.10.10.0/24
rightsubnet=10.20.20.0/24
conn three
left=1.2.3.4
right=2.2.2.2
leftsubnet=10.11.11.0/24
rightsubnet=10.20.20.0/24
etc etc.
Paul
> Thanks in advance
> -nsmurthy
>
> At 12:57 AM 2/25/2009, Paul Wouters wrote:
>> On Tue, 24 Feb 2009, ss murthy nittala wrote:
>>
>>> In ipsec.conf configuration file we can specify the Gateway addresses
>>> using the keywords left and right.But how do we configure multiple
>>> gateway addresses ie..how can we configure multiple IKE records to
>>> connect simultaneously to different destination gateways?
>>
>> Create another "conn connectionname" section.
>>
>> Paul
>> _______________________________________________
>> Users at openswan.org
>> http://lists.openswan.org/mailman/listinfo/users
>> Building and Integrating Virtual Private Networks with Openswan:
>> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
>
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
More information about the Users
mailing list