[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openswan-users
Subject:    Re: [Openswan Users] bridging to OpenVPN -- is it possible?
From:       Neal Murphy <neal.p.murphy () alum ! wpi ! edu>
Date:       2013-04-17 21:43:26
Message-ID: 201304171743.26407.neal.p.murphy () alum ! wpi ! edu
[Download RAW message or body]

On Wednesday, April 17, 2013 04:52:50 PM Viacheslav Dushin wrote:
> >leftsourceip should be set to the LAN IP of the machine that is running
> 
> Openswan - your gateway.
> 
> >Does 10.128.0.2 exist?
> 
> Yes.
> 
> Thanks for the answers.
> 
> 
> 2013/4/18 Nick Howitt <n1ck.h0w1tt@gmail.com>
> 
> >  leftsourceip should be set to the LAN IP of the machine that is running
> > 
> > Openswan - your gateway.
> > Does 10.128.0.2 exist?
> > I wonder if you have a firewalling problem but I'm not good with these.
> > 
> > I don't understand the question of bridging IPsec or OpenVPN networks. It
> > uses IPsec to bridge two networks. Similarly you can use OpenVPN to two
> > bridge networks.

OpenVPN is merely routed IP traffic. It should pass through an IPSEC tunnel as 
readily as any other IP traffic does. Government/military often require nested 
tunnels; in case a vulnerability is found in the outer tunnel, the inner 
tunnel will maintain security. There's probably little reason one couldn't run 
IPSEC through an OpenVPN tunnel just as easily. Granted, getting the 
addressing right may be a chore.

[prev in list] [next in list] [prev in thread] [next in thread]