Hi Roger, Here is the message I sent to Shorewall mailing list.
M Lu. ----- Original Message ----- From: "M Lu" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Wednesday, June 04, 2003 12:10 AM Subject: Re: [Shorewall-users] Two VPN connections (IPSEC) > Hi, > > Tom just helped me on this issue a couple of days ago. > > This is what I do when I have 2 tunnels (subnet-subnet) to one site. You > have 2 tunnels to 2 sites but should be similar > > /etc/shorewall/tunnels > ipsec net 64.128.24.x vpn,vpn2 > # You may need 2 lines here (each for diffrent remote IP) > > > > in /etc/shorewal/interfaces > - ipsec0 > > > in /etc/shorewall/hosts > > vpn ipsec0:192.168.15.0/24 > vpn2 ipsec0:192.168.22.0/24 > > and the corresponding rules and policy for vpn, vpn2 and your network. > > > I hope that helps. > > M Lu. > > > > >From: Phil Foxton <[EMAIL PROTECTED]> > >To: [EMAIL PROTECTED] > >Subject: [Shorewall-users] Two VPN connections (IPSEC) > >Date: 03 Jun 2003 16:57:11 +0100 > > > >Hi, > > > >I currently have a good setup running shorewall to protect my network at > >home, and it works fine if I just want to have a tunnel to one site > >(lets call it Challenge) but if I add a tunnel to another site (lets > >call it Stony), the tunnel comes up ok (I can see from ipsec look that > >the tunnels are there) but I cannot pass any traffic over them, even > >though I can send traffic over the original tunnel. Any ideas? > > > >RGDS > > > >Phil > >-- > >Phil Foxton <[EMAIL PROTECTED]> > >Intelligent Maintenance Systems Ltd > > > >_______________________________________________ > >Shorewall-users mailing list > >Post: [EMAIL PROTECTED] > >Subscribe/Unsubscribe: > >http://lists.shorewall.net/mailman/listinfo/shorewall-users > >Support: http://www.shorewall.net/support.htm > >FAQ: http://www.shorewall.net/FAQ.htm > > _________________________________________________________________ > The new MSN 8: smart spam protection and 2 months FREE* > http://join.msn.com/?page=features/junkmail > > _______________________________________________ > Shorewall-users mailing list > Post: [EMAIL PROTECTED] > Subscribe/Unsubscribe: http://lists.shorewall.net/mailman/listinfo/shorewall-users > Support: http://www.shorewall.net/support.htm > FAQ: http://www.shorewall.net/FAQ.htm > ----- Original Message ----- From: "Roger E McClurg" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, June 09, 2003 11:53 AM Subject: [leaf-user] Multiple VPNs in Bering 1.2 > My current firewall uses Dachstein 1.02 and acts as a central site VPN > device. I have numerous VPNs using the ipsec0 interface. Each VPN has a > fixed address and of course different subnets. I wish to replace the > current firewall with Bering 1.2, but I am having problems configuring the > VPNs on Shorewall. I've read the Shorewall docs, but they are directed > more toward road-warrier VPNs, not numerous lan-lan tunnels. Can anyone > (Tom?) show me how to do this, or point me to some existing documentation? > > Roger > > > > ------------------------------------------------------- > This SF.net email is sponsored by: Etnus, makers of TotalView, The best > thread debugger on the planet. Designed with thread debugging features > you've never dreamed of, try TotalView 6 free at www.etnus.com. > ------------------------------------------------------------------------ > leaf-user mailing list: [EMAIL PROTECTED] > https://lists.sourceforge.net/lists/listinfo/leaf-user > SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html > ------------------------------------------------------- This SF.net email is sponsored by: Etnus, makers of TotalView, The best thread debugger on the planet. Designed with thread debugging features you've never dreamed of, try TotalView 6 free at www.etnus.com. ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
