Subnet to subnet VPN: Difference between revisions
Jump to navigation
Jump to search
Paul Wouters (talk | contribs) (Created page with "Building a tunnel between two endpoints for multiple subnets is pretty simialar to a host to host VPN tunnel. Except you will see we are adding leftsubnets/rightsubnets ...") |
Paul Wouters (talk | contribs) No edit summary |
||
| Line 3: | Line 3: | ||
<pre> | <pre> | ||
# /etc/ipsec.conf | # /etc/ipsec.conf | ||
# The version is only required for openswan | # The version 2 is only required for compatibility with openswan | ||
version 2 | version 2 | ||
config setup | config setup | ||
protostack=netkey | protostack=netkey | ||
Revision as of 00:15, 2 April 2014
Building a tunnel between two endpoints for multiple subnets is pretty simialar to a host to host VPN tunnel. Except you will see we are adding leftsubnets/rightsubnets statements:
# /etc/ipsec.conf
# The version 2 is only required for compatibility with openswan
version 2
config setup
protostack=netkey
conn mysubnet
also=mytunnel
leftsubnet=192.0.1.0/24
rightsubnet=192.0.2.0/24
conn mysubnet6
also=mytunnel
connaddrfamily=ipv6
leftsubnet=2001:db8:0:1::/64
rightsubnet=2001:db8:0:2::/64
conn mytunnel
leftid=@west
left=192.1.2.23
leftrsasigkey=0sAQOrlo+hOafUZDlCQmXFrje/oZm [...] W2n417C/4urYHQkCvuIQ==
rightid=@east
right=192.1.2.45
rightrsasigkey=0sAQO3fwC6nSSGgt64DWiYZzuHbc4 [...] D/v8t5YTQ==
authby=rsasig
# use auto=start when done testing the tunnel
auto=add