[Openswan Users] IPV4 tunnel : traffic selection based on sourceIP
Geekman
the1geekman at gmail.com
Fri Oct 7 10:04:39 EDT 2011
Hi,
Just thought I'd add my two cents here.
I've not tried it so I don't know if it'll do exactly what you need,
but have you tried "type=passthrough"? As described in man ipsec.conf
On Fri, Oct 7, 2011 at 11:53 PM, SaRaVanAn
<saravanan.nagarajan87 at gmail.com> wrote:
> Hi Willie,
> Thanks for your help. Its working fine. I have one more query.
>
> Is there any option in openswan for IPSec pass through case?
> Is it possible to add a policy in openswan with action as "none" instead of
> ipsec?
>
> My aim is that " I dont want to encrypt traffic coming from 20.1.1.1 and I
> want to add a policy for this"
>
>
> On Fri, Oct 7, 2011 at 12:53 AM, Willie Gillespie
> <wgillespie+openswan at es2eng.com> wrote:
>>
>> On 10/6/2011 5:26 AM, SaRaVanAn wrote:
>> >
>> > Hi,
>> > Please find my topology below. I want to encrypt only the traffic
>> > coming with source IP address as 10.1.1.1 and I don't want to encrypt
>> > the traffic coming from 20.1.1.1.
>> >
>> > *Is there any option/configuration in openswan to select traffic based
>> > on source IP address to go through tunnel?*
>>
>> Probably look at leftsubnet=10.1.1.1/32 or leftsubnet=10.1.1.1/nn
>> depending on your needs.
>> _______________________________________________
>> Users at openswan.org
>> http://lists.openswan.org/mailman/listinfo/users
>> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
>> Building and Integrating Virtual Private Networks with Openswan:
>> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
>
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
>
More information about the Users
mailing list