On Thu, Apr 1, 2010 at 2:21 PM, Michael <monowall at encambio dot com> wrote:
> But how to do that without adding another tunnel? You see from the
> LAN and OPT subnet numbers that they are not summarizable as
> mentioned in the FAQ 15.26 (How can I route multiple subnets over
> a site to site IPSec VPN.) And I don't want to set up new tunnels.
There is no other option. It must match a SPD entry to go across
IPsec, the routing table cannot send traffic over IPsec.