[Openswan Users] Openswan has "interesting traffic" like Cisco ACL?

SilverTip257 silvertip257 at gmail.com
Sat Jul 21 18:47:13 EDT 2012

I don't know if this is what you want or need to do, but I'll throw
the idea out here.

You could use iptables on your Linux host to DNAT [0] certain traffic
and sending it across your IPSec tunnel.
-j DNAT --to-destination X.X.X.X:Y

** I can't vouch that this will work properly as I've not tried it.
If you decide to give it a shot I'd appreciate hearing if it works.

[0] http://linux-ip.net/html/nat-dnat.html

//  SilverTip257  //

On Sat, Jul 21, 2012 at 11:40 AM, Brendan Choi <bchoi9999 at gmail.com> wrote:
> What is the Openswan equivalent to Cisco IOS's "interesting traffic"?
> I have Linux Openswan working with a Cisco router. I would like to give
> Openswan the precise IP and TCP traffic I want encrypted, just like with a
> Cisco ACL.
> Seems the closest thing is "leftsubnets" and "rightsubnets". I'm new to
> Openswan, so please enlighten me. Thanks!
> _______________________________________________
> Users at lists.openswan.org
> https://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

More information about the Users mailing list