[Openswan Users] OpenSWAN config for Linux-Windows and Linux-Linux
Paul Wouters
paul at xelerance.com
Tue Oct 25 17:02:48 EDT 2011
On Mon, 24 Oct 2011, Sohl, Jacob (LNG-SEA) wrote:
> Doesn't default route only apply to the local system? And I would rather
> be able to specify a list of hosts or a subnet of IPs as peers but I'm
> not quite sure how to do that.
pluto needs to "figure out" if it is left or right. When only specifying dynamic
entries, it cannot use any kind of IP address lookup to determine if it is the
left (server) or the right (client)
It really depends on what you wnat to accomplish and what OSes are involved.
Paul
>> -----Original Message-----
>> From: Paul Wouters [mailto:paul at xelerance.com]
>> Sent: Sunday, October 23, 2011 12:25 PM
>> To: Sohl, Jacob (LNG-SEA)
>> Cc: users at openswan.org
>> Subject: Re: [Openswan Users] OpenSWAN config for Linux-Windows and
>> Linux-Linux
>>
>> On Fri, 21 Oct 2011, Sohl, Jacob (LNG-SEA) wrote:
>>
>>> /etc/ipsec.d/test1.conf
>>>
>>> conn test1
>>> type=transport
>>> left=%defaultroute
>>> right=%any
>>
>> In general, it is bad to use both %defaultroutte and %any, as openswan
>> can not neccesaarilly know if it is supposed to be left= or right=
>>
>> Paul
>
More information about the Users
mailing list