From: Sam Sgro (sam_at_freeswan.org)
Date: Wed Nov 27 2002 - 06:18:12 CET
-----BEGIN PGP SIGNED MESSAGE-----
On Tue, 26 Nov 2002, Luis Enrique Cutillas wrote:
> Hi,
>
> Is this configuration possible?
>
>
> netB - gwB
>
> \
>
> netC - gwC - internet - gwA - netA
>
>
>
>
>
> where gwB and gwC have dynamic IP address
> and gwA have a static IP address (only one)
>
> And computers in netB comunicate with computers in netA (for example)
Okay; so netB talks with netA, and netC talks with netA.
> I dont know how to deal with the interface int gwA.
Ignore it. You only need to worry about interfaces that will be directly
involved with the IPSec negotiations - the one with the public IP.
> I would like to use "ipsec0=eth0 ipsec1=eth0" but this is not possible.
You don't need one interface per tunnel; rather, one ipsec interface,
presumably bound to eth0, or via "%defaultroute", should be sufficient for
your needs. You simply need to distinguish amongst the roadwarriors via the
"id" parameter.
- --
Sam Sgro
sam_at_freeswan.org
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: noconv
Comment: For the matching public key, finger the Reply-To: address.
iQCVAwUBPeRVlUOSC4btEQUtAQH8+gP/ZhFTutcww5ECdS0SfxmpFGdqRNC1zyDU
scfsHMx9PN7CDqaMo//CAVFk2f5zvAVf0DQ8VGVgsSsw63WJlx8kJQHAYYcnUe37
PuRuCABwVEqfEYLgsh9sCfr0mgbajHS7rmUs8yMZDe3Kw591xLxmYrfaxlGJ8czb
J7ZT0JQuqCY=
=tzAu
-----END PGP SIGNATURE-----
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Thu Nov 28 2002 - 05:20:52 CET