exclude network from ipsec

misha saf msaf1980 at rambler.ru
Tue May 20 07:54:20 UTC 2008


Good day. I have a problem with ipsec established between two
networks:

10.11.0.0/16, D-Link DFL-210. LAN IP - 10.11.3.1

10.11.56.0/16, FreeBSD 6.3 LAN IP - 10.11.56.1

/etc/ipsec.conf

flush;
spdflush;
spdadd 10.11.56.0/24 10.11.0.0/16 any -P out ipsec esp/tunnel/xx.xx.xx.xx-yy.yy.yy.yy/require;
spdadd 10.11.0.0/16 10.11.56.0/24 any -P in ipsec esp/tunnel/yy.yy.yy.yy-xx.xx.xx.xx/require;

Routing table

10.11/16           yy.yy.yy.yy      UGS    3222382  3223301  vlan0
10.11.56/24        link#1             UC          0        0    rl0

The tunnel is established and works fine, but queries from 10.11.56.0/24 to
10.11.56.1 are sent through the ipsec tunnel.

I can't ping 10.11.56.1 even locally from the router.

Is there a way to send queries from 10.11.56.0 to several networks
from 10.11.0.0/24 (10.11.56.0/24, 10.11.57.0/24 for example) without
ipsec?
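One way to keep chosen prefixes out of the tunnel, as an added example that is not part of the original post: a small sh script that generates a setkey(8) policy file in which `-P out none` / `-P in none` policies for the exempted prefixes are written ahead of the broad `require` policies quoted above. It relies on the FreeBSD SPD being searched in insertion order with the first match winning (confirm on the box with `setkey -DP` after loading). The local prefix 10.11.56.0/24 and the xx.xx.xx.xx / yy.yy.yy.yy gateway placeholders are taken from the post; the list of exempted prefixes is constructed for the example.

```shell
#!/bin/sh
# Added example, not code from the original post.
# Emits a setkey(8) policy file that exempts selected prefixes from the
# IPsec tunnel. "none" policies are written BEFORE the "require" policies
# because the kernel returns the first matching SPD entry in the order the
# entries were added (assumption for FreeBSD 6.x; check with `setkey -DP`).

LOCAL_NET="10.11.56.0/24"   # local LAN behind the FreeBSD router (from the post)
REMOTE_NET="10.11.0.0/16"   # remote side behind the DFL-210 (from the post)
LOCAL_GW="xx.xx.xx.xx"      # placeholder public address of the FreeBSD router
REMOTE_GW="yy.yy.yy.yy"     # placeholder public address of the DFL-210

# Prefixes inside REMOTE_NET that must stay in the clear (constructed list).
# Anything listed here is not protected by ESP, so keep it to local segments.
BYPASS="10.11.56.0/24 10.11.57.0/24"

# gen_policy PREFIXES : print a complete policy file to stdout.
gen_policy() {
    printf 'flush;\nspdflush;\n'
    # Exemptions first: traffic to/from these prefixes bypasses IPsec.
    for p in $1; do
        printf 'spdadd %s %s any -P out none;\n' "$LOCAL_NET" "$p"
        printf 'spdadd %s %s any -P in none;\n'  "$p" "$LOCAL_NET"
    done
    # Then the broad tunnel policies from the post.
    printf 'spdadd %s %s any -P out ipsec esp/tunnel/%s-%s/require;\n' \
        "$LOCAL_NET" "$REMOTE_NET" "$LOCAL_GW" "$REMOTE_GW"
    printf 'spdadd %s %s any -P in ipsec esp/tunnel/%s-%s/require;\n' \
        "$REMOTE_NET" "$LOCAL_NET" "$REMOTE_GW" "$LOCAL_GW"
}

# check_order : read a policy file on stdin; succeed only if every "none"
# rule appears before the first "require" rule (a misordered file would
# silently tunnel the traffic it was meant to exempt).
check_order() {
    awk '
        /-P (in|out) none;/ { if (seen_req) bad = 1 }
        /\/require;/        { seen_req = 1 }
        END { exit bad ? 1 : 0 }
    '
}

# Print the generated policy only if the ordering check passes.
if gen_policy "$BYPASS" | check_order; then
    gen_policy "$BYPASS"
else
    echo "policy ordering error: a none rule follows a require rule" >&2
fi
```

Review the output, then load it with `setkey -f` on the FreeBSD router. The `check_order` helper only inspects the file text; it does not talk to the kernel, so `setkey -DP` remains the authoritative view of what the SPD actually holds.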

