IPSEC Tunnel Routing question

Tom Thompson tomt at callcds.com
Fri Dec 5 13:58:32 PST 2003


I think I figured out the problem but am unsure how to fix it

To recap my situation is as follows
Internet connection located in Building A (independent of BSD boxes)
FreeBSD 5.1 machine located at Building A
FreeBSD 5.1 machine located at Building B
Building-To-Building wireless between building A and Building B

Goal
All traffic NOT destined for the local area lan at Building B 
should go thru a VPN tunnel over the wireless link to building A 
and out its internet connection.

The problem
Building B's BSD box does not know to encrypt traffic to the internet 
and send it thru the vpn.

My ipsec.conf has
spdadd building B/subnet building A/subnet any -P out ipsec
and the reverse

The traffic to the internet is not sent over the VPN so it goes nowhere

I have tried 
spdadd building a/subnet 0.0.0.0/0 any -P out ipsec
and the reverse

Now all traffic is encrypted EVEN traffic destined for the LAN

Anyone have any suggestions

Thanks
Tom
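
An added example, not part of the original post: a simplified Python model of ordered, first-match SPD lookup, showing why a 0.0.0.0/0 destination selector also captures LAN traffic and how an earlier `none` entry for the local subnet exempts it. The subnet, the tunnel endpoints and the first-match ordering are assumptions made for illustration; check setkey(8) on the target system for the actual lookup order.

```python
import ipaddress

# Constructed sample policies (assumed addressing, not from the post):
# Building B LAN = 192.168.2.0/24, tunnel endpoints 10.0.0.2 -> 10.0.0.1.
TUNNEL_ONLY = """
spdadd 192.168.2.0/24 0.0.0.0/0 any -P out ipsec esp/tunnel/10.0.0.2-10.0.0.1/require;
"""

WITH_BYPASS = """
spdadd 192.168.2.0/24 192.168.2.0/24 any -P out none;
spdadd 192.168.2.0/24 0.0.0.0/0 any -P out ipsec esp/tunnel/10.0.0.2-10.0.0.1/require;
"""

def parse_spd(text):
    """Parse 'spdadd SRC DST any -P out ACTION ...' lines, keeping their order."""
    entries = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 7 or fields[0] != "spdadd":
            continue
        src = ipaddress.ip_network(fields[1])
        dst = ipaddress.ip_network(fields[2])
        action = fields[6].rstrip(";")  # "none" or "ipsec"
        entries.append((src, dst, action))
    return entries

def lookup(entries, src, dst):
    """Return the action of the first entry whose selectors match the packet.

    Assumption: entries are checked in the order they were added, and a
    packet that matches no entry is sent unprotected ("none").
    """
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for src_net, dst_net, action in entries:
        if s in src_net and d in dst_net:
            return action
    return "none"

if __name__ == "__main__":
    packets = [("192.168.2.1", "192.168.2.20"),   # gateway to a LAN host
               ("192.168.2.10", "203.0.113.5")]   # LAN host to the Internet
    for name, conf in (("tunnel only", TUNNEL_ONLY), ("with bypass", WITH_BYPASS)):
        spd = parse_spd(conf)
        for src, dst in packets:
            print(f"{name:12} {src} -> {dst}: {lookup(spd, src, dst)}")
```
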

