[Openswan Users] when using NETKEY, is a route necessary ?

Willie Gillespie wgillespie+openswan at es2eng.com
Tue Jan 22 00:59:12 EST 2013


Not 100% sure, but I've never had to add a route using NETKEY.

On 1/21/2013 4:43 AM, Ming-Hong Wu wrote:
> Hi there,
>
>       Assume there's a site-to-site policy,
>
> 192.168.75.0/24===172.16.10.61
> <http://192.168.75.0/24===172.16.10.61><172.16.10.61>...172.16.10.60<172.16.10.60>===192.168.0.0/24
> <http://192.168.0.0/24>
>
>      on the left gateway, is it necessary to add a route like ?
>             ip route add 192.168.0.0/24 <http://192.168.0.0/24> dev eth0
>
>
>      Though _updown.netkey helps to add such route, I found that
> 192.168.75.X can ping 192.168.0.Y and vice versa.
>      Does NETKEY lookup routing table ? or something else like XFRM ?
>
>
> --
> Sincerely,
> minhong
>
>
> _______________________________________________
> Users at lists.openswan.org
> https://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>


More information about the Users mailing list