ahh, thank you, that makes sense anyway, just needed a reality check :-)
Cheers from melting London
Bill
Andreas Steffen wrote:
Bill Dossett wrote:
Hi,
First thing, I can't find a config example now, but pretty sure you can have a linux freeswan gateway to linux freeswan gateway with private addresses behind them, that's right isn't it?
That's right!
But if so, I don't understand how it works... If I'm on one subnet and I ping 10.0.0.5 on another subnet... I can see how that works once, but how does ipsec know which private network you are pinging if you connect to more than one network, say two networks are using the 10.0.0.0/24 space? How does it know which one you mean? or can't you VPN to two of the same private network? It was keeping me awake last night as I think I have to do it or else persuade one of the nets to change.
It's not possible for two VPN gateways to have the same subnetwork behind them. Since routing is based on eroutes an error message will be generated for the second connection trying to establish a tunnel to the 10.0.0.0/24 network.
Thanks Bill
Regards
Andreas
======================================================================= Andreas Steffen e-mail: [EMAIL PROTECTED] strongSec GmbH home: http://www.strongsec.com Alter Z�richweg 20 phone: +41 1 730 80 64 CH-8952 Schlieren (Switzerland) fax: +41 1 730 80 65 ==========================================[strong internet security]===
_______________________________________________ FreeS/WAN Users mailing list [EMAIL PROTECTED] https://mj2.freeswan.org/cgi-bin/mj_wwwusr
