Date: Tue, 20 May 2008 11:35:52 +0400 From: misha saf <msaf1980@rambler.ru> To: <freebsd-questions@freebsd.org> Subject: exclude network from ipsec Message-ID: <477934569.1211268952.61777256.49341@mcgi65.rambler.ru>
next in thread | raw e-mail | index | archive | help
God day. I have some problem with ipsec, established between two networks 10.11.0.0/16, D-Link DFL-210. LAN IP - 10.11.3.1 10.11.56.0/16, FreeBSD 6.3 LAN IP - 10.11.56.1 /etc/ipsec.conf flush; spdflush; spdadd 10.11.56.0/24 10.11.0.0/16 any -P out ipsec esp/tunnel/xx.xx.xx.xx-yy.yy.yy.yy/require; spdadd 10.11.0.0/16 10.11.56.0/24 any -P in ipsec esp/tunnel/yy.yy.yy.yy-xx.xx.xx.xx/require; Routing table 10.11/16 yy.yy.yy.yy UGS 3222382 3223301 vlan0 10.11.56/24 link#1 UC 0 0 rl0 Tunnel established and work fine, but queries from 10.11.56.0/24 to 10.11.56.1 are dended through ipsec tunnel I can't ping 10.11.56.1 even localy from router There are a way to send queriers from 10.11.56.0 to several networks from 10.11.0.0/24 (10.11.56.0/24, 10.11.57.0/24 for example) without ipsec ?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?477934569.1211268952.61777256.49341>