Hi All,<div><br></div><blockquote class="webkit-indent-blockquote" style="margin: 0 0 0 40px; border: none; padding: 0px;"><div>This is probably a FAQ, but I'll give it a go anyway ...</div><div><br></div><div>Is it possible to send a packet to a subnet's broadcast address on the secure side of a SeGW and have the packet sent down each IPsec tunnel whose inner IP address belongs to that subnet?</div>
<div><br></div><div>For instance, our strongSwan-based SeGW defines a conn config entry in ipsec.conf where IPsec tunnels established using that config are assigned inner IP addresses from a pool (e.g. 10.17.0.0/24).</div>
<div><br></div><div>If I run a program on the SeGW that formats up a UDP packet and sends it directly to one of the IPsec tunnels using that tunnel's inner IP address (i.e. 10.17.0.8), the UDP packet goes over the tunnel to the remote endpoint.</div>
<div><br></div><div>However, if I run the same program and specify the address pool's broadcast address as the destination (i.e. 10.17.0.255), nothing happens. Certainly, no UDP traffic is sent over the tunnel.</div><div>
<br></div><div>Can anyone shed any light on this please?</div><div><br></div><div>Regards,</div><div><br></div></blockquote><blockquote class="webkit-indent-blockquote" style="margin: 0 0 0 40px; border: none; padding: 0px;">
<blockquote class="webkit-indent-blockquote" style="margin: 0 0 0 40px; border: none; padding: 0px;"><div>Graham.</div><div><br></div></blockquote></blockquote>