Hi Roger,
Here is the message I sent to Shorewall mailing list.
M Lu.
- Original Message -
From: M Lu [EMAIL PROTECTED]
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Sent: Wednesday, June 04, 2003 12:10 AM
Subject: Re: [Shorewall-users] Two VPN connections (IPSEC)
Hi,
Tom just helped me on this issue a couple of days ago.
This is what I do when I have 2 tunnels (subnet-subnet) to one site. You
have 2 tunnels to 2 sites but should be similar
/etc/shorewall/tunnels
ipsec net64.128.24.x vpn,vpn2
# You may need 2 lines here (each for diffrent remote IP)
in /etc/shorewal/interfaces
- ipsec0
in /etc/shorewall/hosts
vpn ipsec0:192.168.15.0/24
vpn2ipsec0:192.168.22.0/24
and the corresponding rules and policy for vpn, vpn2 and your network.
I hope that helps.
M Lu.
From: Phil Foxton [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: [Shorewall-users] Two VPN connections (IPSEC)
Date: 03 Jun 2003 16:57:11 +0100
Hi,
I currently have a good setup running shorewall to protect my network at
home, and it works fine if I just want to have a tunnel to one site
(lets call it Challenge) but if I add a tunnel to another site (lets
call it Stony), the tunnel comes up ok (I can see from ipsec look that
the tunnels are there) but I cannot pass any traffic over them, even
though I can send traffic over the original tunnel. Any ideas?
RGDS
Phil
--
Phil Foxton [EMAIL PROTECTED]
Intelligent Maintenance Systems Ltd
___
Shorewall-users mailing list
Post: [EMAIL PROTECTED]
Subscribe/Unsubscribe:
http://lists.shorewall.net/mailman/listinfo/shorewall-users
Support: http://www.shorewall.net/support.htm
FAQ: http://www.shorewall.net/FAQ.htm
_
The new MSN 8: smart spam protection and 2 months FREE*
http://join.msn.com/?page=features/junkmail
___
Shorewall-users mailing list
Post: [EMAIL PROTECTED]
Subscribe/Unsubscribe:
http://lists.shorewall.net/mailman/listinfo/shorewall-users
Support: http://www.shorewall.net/support.htm
FAQ: http://www.shorewall.net/FAQ.htm
- Original Message -
From: Roger E McClurg [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Monday, June 09, 2003 11:53 AM
Subject: [leaf-user] Multiple VPNs in Bering 1.2
My current firewall uses Dachstein 1.02 and acts as a central site VPN
device. I have numerous VPNs using the ipsec0 interface. Each VPN has a
fixed address and of course different subnets. I wish to replace the
current firewall with Bering 1.2, but I am having problems configuring the
VPNs on Shorewall. I've read the Shorewall docs, but they are directed
more toward road-warrier VPNs, not numerous lan-lan tunnels. Can anyone
(Tom?) show me how to do this, or point me to some existing documentation?
Roger
---
This SF.net email is sponsored by: Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
---
This SF.net email is sponsored by: Etnus, makers of TotalView, The best
thread debugger on the planet. Designed with thread debugging features
you've never dreamed of, try TotalView 6 free at www.etnus.com.
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html