On 11/15/06, <b class="gmail_sendername"><a href="mailto:Frank.Mayer@knapp-systems.com">Frank.Mayer@knapp-systems.com</a></b> <<a href="mailto:Frank.Mayer@knapp-systems.com">Frank.Mayer@knapp-systems.com</a>> wrote:<div>
<span class="gmail_quote"></span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">Hi again,<br><br>try setting<br> leftnexthop=<ip address of your default gw>
</blockquote><div><br>Now that IP shows up in the gateway column when I run route. I think it's a good thing. Ping to 10.14.8.X doesn't complain anymore about unreachable host. I'm still not getting anything back, but that may be the other side's intention (or misconfiguration)
<br></div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">It's just that OpenS/WAN sometimes seems to be unable to figure out<br>routing correctly if you're using "%defaultroute".
<br><br>OpenS/WAN usually adds a kernel route if you're starting a tunnel like<br> route add <rightsubnet> gw <leftnexthop>,<br>if you are "left", or<br> route add <leftsubnet> gw <rightnexthop>,
<br>if you are "right".</blockquote><div><br>Yup, I'm getting that now (as route -n shows).<br></div><br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
Usually, you need only one of them.<br>What might be contraproductive in your case (not sure, but on a hunch) is<br>that you define both "leftnexthop" and "rightnexthop" to be your default<br>gateway.</blockquote>
<div><br>The man page says "<span style="font-style: italic;">Relevant only locally, other end need not agree on it</span>". So I think, as I'm "left", the parameter rightnexthop will be ignored. And I should take it out to reduce confusion.
<br></div><br></div>