Route all LAN traffic to gateway across IPSec



  • Hey everyone,
    I have an IPSec tunnel between my house and my colocation facility. My home network is 192.168.1/24 and the colo 192.168.0/24. I wanted to know if there was a way to have all of my home's traffic route through 192.168.0.1 (colo gateway) over IPSec.
    Currently my IPSec is set up with the following:

    remote 66.x.y.c {
        exchange_mode aggressive;
        my_identifier fqdn "example.com";

        peers_identifier address 66.x.y.c;
        initial_contact on;
        support_proxy on;
        proposal_check obey;

        proposal {
            encryption_algorithm blowfish;
            hash_algorithm sha1;
            authentication_method pre_shared_key;
            dh_group 2;
            lifetime time 28800 secs;
        }
        lifetime time 28800 secs;
    }

    sainfo address 192.168.1.0/24 any address 192.168.0.0/24 any {
        encryption_algorithm blowfish;
        authentication_algorithm hmac_sha1;
        compression_algorithm deflate;
        pfs_group 2;
        lifetime time 3600 secs;
    }



  • bump…
    I too am interested in a solution as such. I am under the impression you need to make an ipsec rule that allows traffic from 0.0.0.0 to any or something along those lines?
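
Added example (not part of either post, and not racoon's own code): a Python check of which destinations fall inside the source/destination address pair of the posted sainfo line, next to a constructed 0.0.0.0/0 variant of the kind the reply asks about. It assumes the tunnel policy uses the same address pair as the sainfo line; the host addresses and the helper names are constructed for illustration.

```python
import ipaddress
import re

# The sainfo line from the first post, and a constructed variant whose remote
# side is 0.0.0.0/0 (the idea raised in the reply; not a tested configuration).
POSTED = "sainfo address 192.168.1.0/24 any address 192.168.0.0/24 any {"
WIDENED = "sainfo address 192.168.1.0/24 any address 0.0.0.0/0 any {"

# sainfo address <local net> <port> address <remote net> <port>
SAINFO_RE = re.compile(
    r"^\s*sainfo\s+address\s+(\S+)\s+\S+\s+address\s+(\S+)\s+\S+"
)


def parse_sainfo(line):
    """Return (local_net, remote_net) from an address-based sainfo line."""
    m = SAINFO_RE.match(line)
    if not m:
        raise ValueError("not an address-based sainfo line: %r" % line)
    return (ipaddress.ip_network(m.group(1), strict=False),
            ipaddress.ip_network(m.group(2), strict=False))


def covered(line, src, dst):
    """True if a src -> dst packet falls inside the line's address pair."""
    local_net, remote_net = parse_sainfo(line)
    return (ipaddress.ip_address(src) in local_net
            and ipaddress.ip_address(dst) in remote_net)


def report(line, src, destinations):
    """Map each destination to whether the address pair covers it."""
    return {dst: covered(line, src, dst) for dst in destinations}


if __name__ == "__main__":
    # Constructed hosts: colo gateway, an Internet host (TEST-NET-3),
    # and a second machine on the home LAN.
    dests = ["192.168.0.1", "203.0.113.10", "192.168.1.5"]
    for name, line in (("posted", POSTED), ("widened", WIDENED)):
        print(name, report(line, "192.168.1.20", dests))
    # The widened pair covers Internet destinations, and it also contains
    # the home subnet itself, so LAN-to-LAN addresses match it too.
```
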

