Stuart Henderson <s...@spacehopper.org> wrote: > laptop: > ike dynamic esp from egress to 0.0.0.0/0 peer 11.22.33.44 > > router: > ike passive esp from any to any > > possible complications:- > > - if you will be communicating with other machines in the same subnet, > they will send return traffic directly rather than via the router,
No, they won't. Oh, wait, do you mean other machines in the same subnet but _without_ this IPsec configuration? Don't do that. The wireless and the wired network need to be separate subnets with the IPsec gateway in between. -- Christian "naddy" Weisgerber na...@mips.inka.de
