[Openswan Users] Route-based VPN
Paul Wouters
paul at xelerance.com
Mon Oct 25 14:21:58 EDT 2010
On Mon, 25 Oct 2010, Vincent Bernat wrote:
> The /custom/script just puts some route to ipsec0 interface for networks
> that should be encrypted.
>
> Now, I would like to have a second VPN with the same instance of OpenSWAN.
> Therefore, I would need an ipsec1 interface.
No you don't need a second interface.
> Can I bind it to a labelled interface (like eth0:1)?
You could (if using ifconfig, not by adding the ip using ip addr)
> I would like to use routes like this:
> ip route add net1 dev ipsec0
> ip route add net2 dev ipsec0
> ip route add net3 dev ipsec1
> ip route add net4 dev ipsec1
I don't understand why. For klips it does not matter via which interface it got
the packet, and it does not record/keep that information around for anything.
Paul
More information about the Users
mailing list