A tunnel that will connect the subnets behind the gateways <b>moon</b>
and <b>sun</b>, respectively, is preconfigured by installing a %trap eroute
on gateway <b>moon</b> by means of the setting <b>auto=route</b> in ipsec.conf.
A subsequent ping issued by client <b>alice</b> behind gateway <b>moon</b> to
<b>bob</b> located behind gateway <b>sun</b> triggers the %trap eroute and
leads to the automatic establishment of the subnet-to-subnet tunnel.
<p>
The updown script automatically inserts iptables-based firewall rules
that let pass the tunneled traffic.
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/cvsweb/back.gif){kind=icon}
Return to description.txt CVS log ![[TXT]](/icons/cvsweb/text.gif){kind=icon}
![[DIR]](/icons/cvsweb/dir.gif){kind=icon}
Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / testing / tests / swanctl / net2net-route