[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

VPN Configuration



On Mon, Jul 24, 2000 at 03:26:23AM +1000, Robert D. wrote:

> > [net-small1]
> > ID-type=	IPV4_ADDR_SUBNET
> > Network=	10.0.1.0
> > Netmask=	255.255.255.0
> > 
> > [net-BIG]
> > ID-type=	IPV4_ADDR_SUBNET
> > Network=	10.0.0.0
> > Netmask=	255.0.0.0
> 
> Your netmasks are messed up. Just set net-BIG to 10.0.0.0/24, ie

But i need to access 10.0.0.0/8 -- thats exactly the point.

I event tried BIG-Net=10.0.0.0/24 + "route add 10.0.0.0/8 10.0.0.1" but
 of course this isnt possible since 10.0.0.1 (SecurityGateway internal IP)
 in no neighbour.

I spend some time reading IPsec RFCs -- it seems my setup should be nicely
supported by ordenary tunnel mode. But when does SA processing step in ?
Before the kernel looks at his routing table or just after ?


bye

   joerg