[prev in list] [next in list] [prev in thread] [next in thread]
List: strongswan-users
Subject: [strongSwan] supernetting disallowed on directly
From: andreas.steffen () strongsec ! net (Andreas Steffen)
Date: 2005-03-29 21:49:43
Message-ID: 4249B155.50103 () strongsec ! net
[Download RAW message or body]
Hi Scott,
I have a similar setup at home where
eth1 160.85.106.0/29
eth2 160.85.106.8/29
are local networks and I tunnel both subnets to a remote
location via the WAN interface eth0 with the single
definition
leftsubnet=160.85.106.0/28
Regards
Andreas
Scott Mcdermott wrote:
> I am encountering an issue where Strongswan appears to be
> disallowing supernetting a tunnel to include two directly
> connected interfaces
>
> example:
>
> eth0 directly connected, network 10.20.8.0/22
> eth1 directly connected, network 10.20.12.0/22
>
> and I want to set up a single conn with leftsubnet as
> 10.20.8.0/21 so I only need one tunnel.
>
> but for this I cannot get it to work. When I set up two
> separate tunnels instead with the longer prefix, it seems to
> work fine.
>
> Is there anything in Strongswan design that would disallow
> supernetting a directly connected interface?
> _______________________________________________
> Users mailing list
> Users@lists.strongswan.org
> http://lists.strongswan.org/mailman/listinfo/users
--
=======================================================================
Andreas Steffen e-mail: andreas.steffen@strongsec.com
strongSec GmbH home: http://www.strongsec.com
Alter Z?richweg 20 phone: +41 1 730 80 64
CH-8952 Schlieren (Switzerland) fax: +41 1 730 80 65
==========================================[strong internet security]===
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic