Date: Thu, 17 May 2001 17:55:27 -0700 From: steve@Watt.COM (Steve Watt) To: questions@freebsd.org Cc: brunomiguel@netcabo.pt Subject: Re: Ipsec and routing Message-ID: <200105180055.f4I0tRn26746@wattres.Watt.COM> In-Reply-To: <3B047B3A.27933.502C04@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
brunomiguel@netcabo.pt wrote: > [ ipsec working btwn 192.168.100.0/24 and 192.168.200.0/24 ] >Now I setup today a box C, VPN'ed 192.168.0.0/24 with box A. Everything >works fine between private subnets A and C, but I can't send from B to C, [ ... ] You need to add a policy to /etc/ipsec.conf that allows the packets to flow through; if you look at the spdadd commands, you'll see that your network numbers show up there. So you've got two choices: - Set up another pair of IPsec policies (and tunnels) between B and C, or - Set up another pair of IPsec policies (and tunnels) for the traffic you want to pass, both from B to A and from A to C. In other words, just fully mesh them. It's easier. -- Steve Watt KD6GGD PP-ASEL-IA ICBM: 121W 56' 57.8" / 37N 20' 14.9" Internet: steve @ Watt.COM Whois: SW32 Free time? There's no such thing. It just comes in varying prices... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200105180055.f4I0tRn26746>