Eric W. Bates (ericx_lists) writes:
> When you establish an esp tunnel, the subnets on the remote end of the
> tunnel do not seem to appear in either "netstat -nr" or 'route get
> xxx.xxx.xxx.xxx'
>
> Is there a way to display those routes other than using setkey to dump
> the SPD's?
No, because there are no routes. The IPSec layer "hijacks" the packets
and they are encapsulated before the routing table gets a chance
to see them.
You would have to setup transport ESP + gif/gre tunnels to see routing
entries.
Phil
--
_ _ |_ | [EMAIL PROTECTED] catpipe ApS |
(_(_||_ | *BSD solutions, consulting, development |
| Tlf.: +45 7021 0050 http://www.catpipe.net/ |
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
