[strongSwan] How to configure the rw Carol to force the non-vpn directed packets to pass through the same secure tunnel?

Mao, Zhiheng zmao at qualcomm.com
Fri Aug 17 00:23:06 CEST 2012


Thanks, Richard! That works.

Zhiheng

-----Original Message-----
From: users-bounces+zmao=qualcomm.com at lists.strongswan.org [mailto:users-bounces+zmao=qualcomm.com at lists.strongswan.org] On Behalf Of Richard Andrews
Sent: Wednesday, August 15, 2012 11:24 PM
To: users at lists.strongswan.org
Subject: Re: [strongSwan] How to configure the rw Carol to force the non-vpn directed packets to pass through the same secure tunnel?

If it is IKEv2 I believe you can add multiple traffic selectors to a tunnel. I haven't experimented with that yet.

From the man page (leftsubnet)

        When using IKEv2, the configured subnet of the peers may differ,
        the protocol narrows it to the greatest common subnet. Further,
        IKEv2 supports multiple subnets separated by  commas.  IKEv1
        only interprets the first subnet of such a definition.


On Thu, 2012-08-16 at 05:12 +0000, Mao, Zhiheng wrote:
> Hi there,
> 
> I have a testing situation where rw Carol establishes the remote 
> access with gw Moon and tunnels the VPN packets (10.1.1.x/24) through 
> the Moon. Now I have a need to force other non-vpn directed packets
> (129.46.64.x/24) on Carol to go through the same secure tunnel to the 
> Moon. They will be routed later from the Moon after they come out of 
> the secure tunnel. Is there any way I can configure Carol (a RedHat 5 
> host running strongswan-5.0.0) to do that? Thanks a lot!
> 
> Zhiheng
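
An added example, not part of the thread and not strongSwan code: a simplified Python model of the narrowing behaviour the quoted man page text describes, applied to the two subnets from the original question. The gateway's configured subnets (MOON_LEFTSUBNET) and all function names are assumptions made for the illustration, and selectors are modelled as plain CIDR subnets without ports or protocols.

```python
import ipaddress

# Subnets from the question, as carol would list them in one definition.
CAROL_RIGHTSUBNET = "10.1.1.0/24,129.46.64.0/24"
# Constructed value: what moon is assumed to allow on its side.
MOON_LEFTSUBNET = "10.1.0.0/16,129.46.64.0/24"


def parse_subnets(value):
    """Split a comma-separated subnet definition into network objects."""
    return [ipaddress.ip_network(s.strip()) for s in value.split(",") if s.strip()]


def narrow(proposed, configured, ikev2=True):
    """Return the subnets both definitions have in common.

    IKEv2: every proposed subnet is compared with every configured one.
    IKEv1: only the first subnet of each definition is interpreted.
    """
    a, b = parse_subnets(proposed), parse_subnets(configured)
    if not ikev2:
        a, b = a[:1], b[:1]
    agreed = []
    for x in a:
        for y in b:
            if x.version != y.version:
                continue
            # Two CIDR blocks either nest or are disjoint, so the common
            # part is the smaller block whenever they overlap.
            if x.subnet_of(y):
                common = x
            elif y.subnet_of(x):
                common = y
            else:
                continue
            if common not in agreed:
                agreed.append(common)
    return agreed


def in_tunnel(dst, agreed):
    """True if a destination address is covered by an agreed subnet."""
    addr = ipaddress.ip_address(dst)
    return any(addr in net for net in agreed)


if __name__ == "__main__":
    for ikev2 in (True, False):
        nets = narrow(CAROL_RIGHTSUBNET, MOON_LEFTSUBNET, ikev2)
        print("IKEv2" if ikev2 else "IKEv1", [str(n) for n in nets])
```

With IKEv1 the second subnet is never considered, so traffic to 129.46.64.x would not match the tunnel's selectors in this model.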


