[plug] Advanced IPSec routing
Andrew Cooks
acooks at gmail.com
Mon Oct 10 13:14:10 WST 2011
On Mon, Oct 10, 2011 at 6:34 AM, Steve Baker <steve at iinet.net.au> wrote:
>
> I think that the problem is that B decides that packets going to network E
> do not go through an IPSec tunnel (as E is not connected to the gateway B
> system, directly or via IPSec) then by the time the new routing rule above
> says 'send it to gateway C' it is too late to go through any IPSec tunnels.
>
Hi Steve
I think you need to set the route in ipsec on gateway B with something like:
# ipsec eroute --add --eraf inet --src A.A.A.A/24 --dst E.E.E.E/24 --said %pass
I hope that helps and good luck.
Andrew
--
"One good reason why computers can do more work than people is that
they never have to stop and answer the phone."
More information about the plug
mailing list