I have a similar setup running here.
We just use a separate tunnel definition for each subnet.
e.g.
conn remoteuser-dmz
    [EMAIL PROTECTED]
    leftsubnet=192.168.10.0/24
    etc...
conn remoteuser-lan
    [EMAIL PROTECTED]
    leftsubnet=192.168.50.0/24
    etc...
HTH
charlie
On Wed, 2003-07-30 at 13:31, Fernando Serto wrote:
> hey folks, I have freeswan running on slackware without any problems,
> but, we decided to let the engineers access the engineering network from
> home... the tricky part is that they still need to access the "common"
> network. is it possible to add two "leftsubnet" entries for the same
> connection?
>
> 192.168.10.0/24 is the "common" network (mail server, file server, etc..)
> 192.168.70.0/24 is the engineering network (their test boxes)
>
> I have the following ipsec.conf file (I'll provide only the gateway file)
> conn fserto
>     authby=secret
>     leftsubnet=192.168.10.0/24
>     LEFTSUBNET=192.168.70.0/24 <=== Can I add this?
>     rightsubnet=192.168.1.0/24
>     leftnexthop=%defaultroute
>     rightnexthop=r.r.r.y
>     left=l.l.l.x
>     right=r.r.r.x
>     auto=add
>     pfs=yes
>
> cheers,
> Fernando
>
>
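The one-conn-per-subnet approach from the reply, applied to the gateway conn in the question. This is an added example, not part of either message and not FreeS/WAN code: a small Python helper that expands a conn carrying several leftsubnet lines into separate conn sections. The helper name and the `-common`/`-eng` suffixes are assumptions.

```python
import ipaddress

# Constructed input: the question's gateway conn with a repeated leftsubnet line.
SAMPLE = """\
conn fserto
    authby=secret
    leftsubnet=192.168.10.0/24
    leftsubnet=192.168.70.0/24
    rightsubnet=192.168.1.0/24
    leftnexthop=%defaultroute
    rightnexthop=r.r.r.y
    left=l.l.l.x
    right=r.r.r.x
    auto=add
    pfs=yes
"""

def split_conn(text, labels=None):
    """Expand one conn into one conn per leftsubnet; labels maps subnet -> suffix."""
    labels = labels or {}
    name, subnets, common = None, [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("conn "):
            if name is not None:
                raise ValueError("expected exactly one conn section")
            name = line.split(None, 1)[1]
            continue
        key, sep, value = (p.strip() for p in line.partition("="))
        if name is None or not sep:
            raise ValueError(f"unexpected line: {raw!r}")
        if key.lower() != "leftsubnet":
            common.append(f"    {key}={value}")  # shared by every tunnel
            continue
        net = ipaddress.ip_network(value)  # rejects typos and set host bits
        if any(net.overlaps(seen) for seen in subnets):
            raise ValueError(f"{net} overlaps an earlier leftsubnet")
        subnets.append(net)
    if name is None or not subnets:
        raise ValueError("need a conn header and at least one leftsubnet")
    sections = []
    for i, net in enumerate(subnets, 1):
        head = [f"conn {name}-{labels.get(str(net), i)}", f"    leftsubnet={net}"]
        sections.append("\n".join(head + common))
    return "\n\n".join(sections) + "\n"
```

Calling `split_conn(SAMPLE, {"192.168.10.0/24": "common", "192.168.70.0/24": "eng"})` returns two sections, `conn fserto-common` and `conn fserto-eng`, each with the shared parameters repeated.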