[Openswan Users] Eroute after rekeying
Andrew Nowrot
andrew.nowrot at gmail.com
Thu Feb 17 15:31:46 EST 2011
On 17 February 2011 21:12, Willie Gillespie
<wgillespie+openswan at es2eng.com> wrote:
> On 02/17/2011 01:06 PM, Andrew Nowrot wrote:
>>
>> Hi
>> I have got a question regarding my configuration.
>>
>> My config look like this:
>>
>> conn tunnel1
>
> <snip>
>>
>> leftsubnet=0.0.0.0/0
>
> <snip>
>>
>> rightsubnet=0.0.0.0/0
>
> <snip>
>>
>> 0 0.0.0.0/0 -> 0.0.0.0/0 =>
>> tun0x1003xxx.yyy.vvv.zz4
>> OK so a have added two additionals routes by hand and both tunnels
>> started working (I can reach the resources behind first tunnel)
>> 0 0.0.0.0/0 -> aaa.bbb.ccc.ddd/30 =>
>> tun0x1001 at xxx.yyy.vvv.zz2
>> 0 0.0.0.0/0 -> xxx.yyy.vvv.0/24 =>
>> tun0x1001 at xxx.yyy.vvv.zz2
>
> I'm not sure that leftsubnet and rightsubnet in your config are set
> correctly... or at least I've never used all zeros for those.
>
Hi
Thanks for your answer.
I think they are OK ;). You sort of need that to do so called "route
based tunnels". This is not complete config, I also have this updown
script (pointed in leftupdown option) where I add and del appropriate
routes. I just did not want to give all unnecessary details (or maybe
they were important to understand my configuration).
Best Regards
Andrew
More information about the Users
mailing list