[Openswan Users] OpenSWAN & aliased interfaces

Jesse L. Zamora xtremekforever at gmail.com
Thu Apr 7 14:13:33 EDT 2011


Hello,

I was just wondering if it is possible to use an aliased interface in an
IPSEC tunnel using OpenSWAN. Let me familiarize you with my
configuration:

|------------------------------|                    |------------------------------|
| Client 1 IPSEC:              |                    | Local IPSEC (my network):    |
| Endpoint IP: 74.205.127.225  | <----------------> | Public IP: 64.135.12.130     |
| Subnet: 10.122.91.0/24       |                    | Subnet: 172.27.12.0/24       |
|------------------------------|                    |------------------------------|


This is the current configuration that I have, and it works great using
an IPSEC tunnel configured using OpenSWAN. 

Now I need to create the following configuration:

|------------------------------|                    |------------------------------|
| Client 2 IPSEC:              |                    | Local IPSEC (my network):    |
| Endpoint IP: 200.39.21.10    | <----------------> | Public IP: 64.135.12.130     |
| Subnet: 172.16.184.0/21      |                    | Subnet: 10.216.91.192/28     |
|------------------------------|                    |------------------------------|

So this brings me to my question: is it possible to create an aliased
interface for the subnet 10.216.91.192/28 and have OpenSWAN route the
packets to the other host? On my network, the Public IP 64.135.12.130 is
the firewall as well as the VPN gateway, so there is no NAT going on.
Currently, eth0 is the external interface and eth1 currently has a
subnet of 172.27.12.0/24.

I am using Fedora 11 with OpenSWAN 2.6.25.

Thank you so much,
Jesse L. Zamora


