On Thu, Jul 27, 2006 at 04:06:44PM +0200, Marco Berizzi wrote: > > conn pass > left=172.16.1.1 > leftsubnet=172.16.0.0/23 > right=172.16.1.253 > rightsubnet=10.180.0./16 > type=passthrough > authby=never > auto=route > > After running 'ipsec auto --add pass && ipsec auto > --route pass' openswan has eaten my static route > inserted by hand: > route add -net 10.180.0.0/16 gw 172.16.1.253 > Here is 'ip r s' output after 'ipsec auto --route > pass': > 172.16.0.0/23 dev eth2 proto kernel scope link src 172.16.1.1 > 10.180.0.0/16 dev eth2 scope link
Oh yeah, forgot about that :) You can set the gateway using rightnexthop=172.16.1.253. > All if fine now. It isn't even needed anymore to > insert the static route now, as it is placed by > openswan. My question is how linux understand that > it should send packets for 10.180.0.0/24 to the > 172.16.1.253 router. It doesn't really. However your router might be proxy arping. Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <[EMAIL PROTECTED]> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html