No, if route table is not configured, policy will not have chance to handle packets.
发自我的 iPhone > 在 2015年5月26日,19:37,Noel Kuntze <[email protected]> 写道: > > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > It won't, because IPsec on Linux is all policy based. > > Mit freundlichen Grüßen/Kind Regards, > Noel Kuntze > > GPG Key ID: 0x63EC6658 > Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 > >> Am 26.05.2015 um 13:35 schrieb Zhuyj: >> Yeah,maybe virtual ip will help. >> >> >> 发自我的 iPhone >> >>> 在 2015年5月26日,19:16,Noel Kuntze <[email protected]> 写道: >> Hello, >> >> No, not so easily. You either have to map one of those networks onto another >> subnet with iptables or use marks to differentiate the traffic. >> >> Mit freundlichen Grüßen/Kind Regards, >> Noel Kuntze >> >> GPG Key ID: 0x63EC6658 >> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 >> >>>>> Am 26.05.2015 um 13:15 schrieb mgundes: >>>>> Zhuyj and Noel, thank you. >>>>> >>>>> Zhuyj, regarding route table, what if some different private networks >>>>> have same subnets? I mean if two organizations have 192.168.2.0/24 >>>>> <http://192.168.2.0/24> network than would it be possible to properly set >>>>> route table? >>>>> >>>>> Thanks. >>>>> >>>>> On Tue, May 26, 2015 at 2:05 PM, Zhuyj <[email protected] >>>>> <mailto:[email protected]>> wrote: >>>>> >>>>> Pay attention to route table. >>>>> >>>>> >>>>> 发自我的 iPhone >>>>> >>>>>> 在 2015年5月26日,18:42,Noel Kuntze <[email protected] >>>>>> <mailto:[email protected]>> 写道: >>>>> Hello, >>>>> >>>>> Yes, that is possible. Simply create different conn sections. >>>>> >>>>> Mit freundlichen Grüßen/Kind Regards, >>>>> Noel Kuntze >>>>> >>>>> GPG Key ID: 0x63EC6658 >>>>> Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658 >>>>> >>>>>>>> Am 26.05.2015 um 10:39 schrieb mahmut g: >>>>>>>> >>>>>>>> Hello, >>>>>>>> >>>>>>>> >>>>>>>> I need to connect many servers in different private networks. My >>>>>>>> application should connect and gets data from many(4 or 5) services on >>>>>>>> that servers. However, I need to create VPN to those network to be >>>>>>>> able to connect those server. For instance one of the private networks >>>>>>>> has Cisco 3845 router as vpn hardware and another use some other >>>>>>>> solution etc. >>>>>>>> >>>>>>>> >>>>>>>> Those private networks are different organizations. I am not good at >>>>>>>> IPSec and VPN issues, I wonder If it is possible to connect more than >>>>>>>> one private network from single Linux VPS machine with strongswan? >>>>>>>> >>>>>>>> >>>>>>>> Thanks, >>>>>>>> >>>>>>>> Regards. >>>>>>>> >>>>>>>> >>>>>>>> Mahmut >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Users mailing list >>>>>>>> [email protected] <mailto:[email protected]> >>>>>>>> https://lists.strongswan.org/mailman/listinfo/users >>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Users mailing list >>>>>> [email protected] <mailto:[email protected]> >>>>>> https://lists.strongswan.org/mailman/listinfo/users >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Mahmut Gündeş >> > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v2 > > iQIcBAEBCAAGBQJVZFr3AAoJEDg5KY9j7GZY008QAJjjg+DcFBwy8Kaye9eNez67 > uviweVhoaOWQZyCliXyvUl2v6cXVGH6ZWJHbKZi0T943+tsMWAMPCPj01BrJzNTx > eROuPrlwh82IE7mE5dAEvl7qa2+XTNpC7lau8unH1XG+KJYGni2WW5j+3v2keNyz > qdRg19IB8kfqc4l723SIn5l69UM8z+ful4LozLsBFR+7Ow5lqjuy80b5mHP0dQ3+ > MiDeIVit5h+jj8FgXU4G6AwrpnR5JaMFefvCqKQxFaqNxx085L2fcRbWD+5mpgAE > GTL/CPI8CdAdoXwFTMnrA4foKL+28OxBgWeNIJdCWl+L+q5dpSKCCgzVuWbBq9N5 > k5hZk7M7jzaNJsOthdeyPj8nUooM82BgrOc3aLJSWe50v5bWAE+OcFT689I6X51P > 9NvwoJqtvwbLG0zGSCQLN3dfLkxV5hOnx9TX8ccLmpdD0FbIlB0qk4MDJg4/evKt > 5njCw9kKHun7W9dIh19UZZDXxNWaSuywjB7ap1XQfbCVn5OhiswQl4a897npWcRR > qosSGNQZirLKfduSxmaDmyOZvTqAJPEeWCCsVDk/1QaKnaFLstgyzQnicAzURLkS > A9HJC4NMScawBEOm5kKLPuBD72oy53JAGrWl8AR0Q5CKStamnSepdil3f+AGFk+U > 0mImr7BrVNe2E/BUDqiW > =SdoM > -----END PGP SIGNATURE----- > _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
