Re: [m0n0wall] How to route OPT traffic to IPSec tunnel?

From:	Michael <monowall at encambio dot com>
To:	Chris Buechler <cbuechler at gmail dot com>
Cc:	M0n0wall <m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] How to route OPT traffic to IPSec tunnel?
Date:	Fri, 2 Apr 2010 09:17:58 +0200

Hello Chris,

On Thurs., Apr 01, 2010, Chris Buechler wrote:
>On Thu, Apr 1, 2010 at 2:21 PM, Michael wrote:
>> But how to do that without adding another tunnel? You see from the
>> LAN and OPT subnet numbers that they are not summarizable as
>> mentioned in the FAQ 15.26 (How can I route multiple subnets over
>> a site to site IPSec VPN.) And I don't want to set up new tunnels.
>>
>There is no other option. It must match a SPD entry to go across
>IPsec, the routing table cannot send traffic over IPsec.
>
Okay, thanks for pointing it out. I guess I'll have to double my
IPSec tunnel configurations then, and give each OPT interface its
own tunnel to all of the other hosts (not very scalable.)

Regards,
Michael