[prev in list] [next in list] [prev in thread] [next in thread]
List: openswan-users
Subject: [Openswan Users] Re-2: Re-2: VPN is up, routing problem
From: "Ludovic MARCILLY" <lmarcilly () aressi ! fr>
Date: 2007-08-27 15:59:16
Message-ID: DIIE.00000A9100044D4C () aressi ! fr
[Download RAW message or body]
i have restart openswan after changing endpoints and my leftnexthop is set to %defaultroute.
-------- Original Message --------
Subject: Re: [Openswan Users] Re-2: VPN is up, routing problem (27-août-2007 17:56)
From: Paul Wouters <paul@xelerance.com>
To: lmarcilly@aressi.fr
> On Mon, 27 Aug 2007, Ludovic MARCILLY wrote:
>
> > Yes i know, but the route for 192.168.1.0/24 subnet is added when vpn is up.
> > Why does it add this route ?
>
> If the route for 192.168.1.0/24 is added to 81.23.32.138, then it looks
> like you did not
> reload/restart openswan after changing endpoints from 81.23.32.137 to 81.23.
> 32.138, or
> you have a wrong leftnexthop= that I missed.
>
> Paul
>
> > -------- Original Message --------
> > Subject: Re: [Openswan Users] VPN is up, routing problem (27-août-2007 17:
> > 32)
> > From: Paul Wouters <paul@xelerance.com>
> > To: lmarcilly@aressi.fr
> >
> > > On Mon, 27 Aug 2007, Ludovic MARCILLY wrote:
> > >
> > > > > In my logs, i can see "Ipsec SA established" but i can't ping 192.168.1.0/
> > > > > 24 networks computers from 192.168.2.0/24 network.
> > > > >
> > > > > Here is the routing table on Linux 2:
> > > > >
> > > > > 81.23.32.136 0.0.0.0 255.255.255.248 U 0 0 0 eth2
> > > > > 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
> > > > > 192.168.1.0 81.23.32.138 255.255.255.0 UG 0 0 0 eth2
> > > > > 10.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth1
> > > > > 0.0.0.0 81.23.32.138 0.0.0.0 UG 0 0 0 eth2
> > > > >
> > > > > I don't paste here the routing table of Linux 1 since it is almost the same
> > > > > thing. (it the same thing for ipsec.conf).
> > > > >
> > > > > If i add a route which tell that gateway to reach 192.168.1.0/24 network is
> > > > > 81.23.32.137, it works well but i don't want to add the route manually.
> > >
> > > Your routing tables says that 192.168.1.0/24 lives at 81.23.32.138, while
> > > you
> > > want it to live behind 81.23.32.137 (via ipsec). You should remove the
> > > route
> > > for 192.168.1.0 to 81.23.32.138 then.
> > >
> > > Paul
> >
> >
> > To: paul@xelerance.com
> > Cc: users@openswan.org
> >
> >
> >
> > _______________________________________________
> Users@openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
To: paul@xelerance.com
Cc: users@openswan.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic