[Openswan Users] Routing between two networks via one point
Neal Murphy
neal.p.murphy at alum.wpi.edu
Wed Jun 29 16:31:00 EDT 2011
On Wednesday 29 June 2011 13:33:38 Gennady Kovalev wrote:
> Hello,
>
> I have two different networks (A, B) behind NAT, and one server with
> a public IP address (C). The two networks (A, B) set up IPsec in tunnel
> mode to server (C).
>
> I want to set up routing between A and B.
>
> I think Openswan doesn't provide a virtual interface and I can't set up
> routing, but I want to ask: maybe some solution exists?
>
> Maybe some proxy to set up a tunnel from A to B via server C? Maybe
> something else?

I don't know exactly *how* to do it, but I know that if server C is properly
configured, it will route (forward) packets between the two VPNs. It may be
that you will not have to do anything with server C.

You will have to configure hosts on A and B so that they know which gateway is
to receive packets destined for the other LAN. You would either push such
routes out from DHCP, or manually configure each host with proper routing
tables.

Security-wise, be aware that other networks on C may also be able to access A
and B, and vice-versa.

Summary: once C knows to route (forward) packets between the two VPNs and once
all your hosts on A(B) know which gateway handles packets destined for B(A),
packets should just flow between the two.