[strongSwan] How to configure the rw Carol to force the non-vpn directed packets to pass through the same secure tunnel?
richard.andrews at symstream.com
Thu Aug 16 08:24:03 CEST 2012
If it is IKEv2 I believe you can add multiple traffic selectors to a
tunnel. I haven't experimented with that yet.
>From the man page (leftsubnet)
When using IKEv2, the configured subnet of the peers may differ,
the protocol narrows it to the greatest common subnet. Further,
IKEv2 supports multiple subnets separated by commas. IKEv1
only interprets the first subnet of such a definition.
On Thu, 2012-08-16 at 05:12 +0000, Mao, Zhiheng wrote:
> Hi there,
> I have a testing situation where rw Carol establishes the remote
> access with gw Moon and tunnels the VPN packets (10.1.1.x/24) through
> the Moon. Now I have a need to force other non-vpn directed packets
> (129.46.64.x/24) on Carol to go through the same secure tunnel to the
> Moon. They will be routed later from the Moon after they come out of
> the secure tunnel. Is there any way I can configure Carol (a RedHat 5
> host running strongswan-5.0.0) to do that? Thanks a lot!
More information about the Users