On Tue, Dec 06, 2005 at 12:14:20AM -0500, Brian A. Seklecki wrote: > OpenBSD requires that gateway A and gateway B have a default route > declared!!!!
no, you just need a route to the destination, this is a known but and there's no simple fix. however, just create a network route for the peer that points back to the sender. this way you avoid sending out unencrypted traffic if the ipsec tunnels are down. -m