Re: vpn problem..
-----BEGIN PGP SIGNED MESSAGE-----
Mike Mestnik wrote:
> conn rnet-lnet
> Yes, this workes.
> conn rnet-lserver
>> route add 220.127.116.11 192.168.1.X
>> This route will use the rnet-lnet VPN to access the 1.2 address of
>> the(any) router on that net, should be added on the 18.104.22.168 host. From
>> there the pkts will be sent *directly* to the correct computer.
I'm very used to the freeswan KLIPS module with ipsecX virtual
interfaces where our suggestion would *not* work. Not used to the new
v2.6 ipsec stack yet, which I guess you are refering to. I think
iproute2 could do it with klips, but I just found it easier to build a
tunnel and let freeswan do it's work. As with anything, there's more
than one way to do it. :)
And for the record, all of my above configs work. They are routing ~50
tunnels between a dozen nets right now.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (MingW32)
-----END PGP SIGNATURE-----