thanks for all your replies... ----- Original Message ----- From: "Ken Bantoft" <[EMAIL PROTECTED]> To: "Fernando Serto" <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Sent: Thursday, July 31, 2003 10:28 AM Subject: Re: [Users] more than one subnet
> -----BEGIN PGP SIGNED MESSAGE----- > > > > On Wed, 30 Jul 2003, Fernando Serto wrote: > > > hey folks, I have freeswan running on slackware without any problems, > > but, we decided to let the engineers access the engineering network from > > home... the tricky part is that they still need to access the "common" > > network. is it possible to add two "leftsubnet" entries for the same > > connection? > > No. Instead, just copy the conn and change only the name and leftsubnet > parameter. Do this on both sides, and you're done. > > > > > 192.168.10.0/24 is the "common" network (mail server, file server, etc..) > > 192.168.70.0/24 is the engineering network (their test boxes) > > > > I have the following ipsec.conf file (i'll provide only the gateway file) > > conn fserto > > authby=secret > > leftsubnet=192.168.10.0/24 > > LEFTSUBNET=192.168.70.0/24 <=== Can I add this? > > rightsubnet=192.168.1.0/24 > > leftnexthop=%defaultroute > > rightnexthop=r.r.r.y > > left=l.l.l.x > > right=r.r.r.x > > auto=add > > pfs=yes > > > > cheers, > > Fernando > > > > - -- > Ken Bantoft Super FreeS/WAN Maintainer > [EMAIL PROTECTED] http://www.freeswan.ca > PGP Key: finger [EMAIL PROTECTED] > "We can factor the number 15 with quantum computers. We > can also factor the number 15 with a dog trained to bark > three times." -- Robert Harley, 5/12/01, Sci.crypt > > -----BEGIN PGP SIGNATURE----- > Version: 2.6.3ia > Charset: noconv > > iQCVAwUBPyhipViWUusaxGxpAQEvvwP/d7rfWyJgG4thWKmWBD/x39iDtCGWsgly > 4hg1c01MLWg4Hackn/xBixJkTS+SS23kyWV6Elbkopul/2tl38mXqttOD2tI5MzM > W7Dmh55dLscs/qc7tLgl14HuJ09c1Bz2i0uqgAKoT5PC7pJ6MiDbD95OIyBIYHEn > 2Wzs5wrRi1U= > =UcBt > -----END PGP SIGNATURE----- >
