Old 24th May 2012
polken

ipsec tunnel 3 networks with one tunnel

I have set up the ipsec.conf to allow 3 networks to tunnel over the ADSL connections, but I'm facing the problem that an IP phone on one network at one endpoint (192.168.0.0/16) works fine, but another IP client on the net 172.1.0.0/16 does not reply to pings.

172.1.100.1---XXXX--------+------------<--------------<<<<
192.168.30.2--OK-->>>----CISCO->-ADSL->--OPENBSD-->>---

Not sure if I can use just one tunnel to pass 3 networks?
OPENBSD CONFIG
ike passive esp from any to {192.168.0.0/16, 10.0.0.0/16, 172.1.0.0/16} peer any \
main auth hmac-sha1 enc aes-128 group modp1024 \
quick auth hmac-sha1 enc aes-128 psk DUDES

ike passive from {192.168.0.0/16, 10.0.0.0/16, 172.1.0.0/16} to any \
main auth hmac-sha1 enc aes-128 group modp1024 \
quick auth hmac-sha1 enc aes-128 psk DUDES
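Added example (not from the post above): ipsec.conf(5) expands a brace list such as "to {a, b, c}" into one rule per combination, so a single line like the one above produces three separate flows. The small checker below models only the address part of a rule, expands it the same way, and reports which expanded flow (if any) covers a given source/destination pair; the rule string and the test addresses are constructed for illustration.

```python
import ipaddress
import re

# Matches the "from X to Y" part of an ike rule, where X and Y are either a
# single word (an address, a network, or "any") or a brace list "{a, b, c}".
RULE_RE = re.compile(r"from\s+(\{[^}]*\}|\S+)\s+to\s+(\{[^}]*\}|\S+)")


def expand(spec):
    """Turn 'any', '10.0.0.0/16' or '{a, b}' into a list of address specs."""
    spec = spec.strip()
    if spec.startswith("{") and spec.endswith("}"):
        return [s.strip() for s in spec[1:-1].split(",") if s.strip()]
    return [spec]


def flows(rule):
    """All (src, dst) flows that one ike rule line expands into."""
    m = RULE_RE.search(rule)
    if m is None:
        raise ValueError("rule has no 'from ... to ...' part: %r" % rule)
    return [(s, d) for s in expand(m.group(1)) for d in expand(m.group(2))]


def matches(spec, ip):
    """True if the address spec ('any' or a network) contains the IP."""
    if spec == "any":
        return True
    return ipaddress.ip_address(ip) in ipaddress.ip_network(spec, strict=False)


def covering_flows(rule, src_ip, dst_ip):
    """The expanded flows of `rule` that cover traffic src_ip -> dst_ip."""
    return [(s, d) for s, d in flows(rule)
            if matches(s, src_ip) and matches(d, dst_ip)]


# Constructed sample in the shape of the post's first rule (continuation
# lines joined; only the address part matters to this checker).
SAMPLE_RULE = ("ike passive esp from any to "
               "{192.168.0.0/16, 10.0.0.0/16, 172.1.0.0/16} peer any "
               "main auth hmac-sha1 enc aes-128 group modp1024")

if __name__ == "__main__":
    for f in flows(SAMPLE_RULE):
        print("flow:", f)
    for src, dst in [("172.1.100.1", "192.168.30.2"),
                     ("192.168.30.2", "172.1.100.1"),
                     ("192.168.1.1", "10.1.5.5")]:
        print(src, "->", dst, covering_flows(SAMPLE_RULE, src, dst))
```

Each expanded flow is negotiated as its own phase 2 SA, so the peer needs a matching entry for every one of them; a pair that comes back with an empty list (the 10.1.5.5 case here, which lies outside 10.0.0.0/16) has no flow at all on this side.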