Ok, I forgot to tell you something, I have tried that configuration before (same files)<br>between another two boxes (pcs) and worked quite well, but since I put the config<br>file into the openwrt router, I haven't seen the tunnel full working. The thing that
<br>really intrigates me is that the tunnel work one-way only. I mean, Could it be<br>a missing iptable rule? Has kernel 2.6.19 any known bug with ipsec? Maybe a route<br>problem?<br><br><div><span class="q"><blockquote class="gmail_quote" style="margin-top: 0; margin-right: 0; margin-bottom: 0; margin-left: 0; margin-left: 0.80ex; border-left-color: #cccccc; border-left-width: 1px; border-left-style: solid; padding-left: 1ex">
> conn tunnconn<br>> type=tunnel<br>> left=<a href="http://192.168.2.2" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.2.2</a><br>> leftnexthop=<a href="http://192.168.2.1" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.2.1</a><br>> right=<a href="http://192.168.2.1" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)"> 192.168.2.1</a><br><br>Try type=%direct</blockquote></span><div><br>Thank Paul, I tried but when I change the configuration, now I can't even seen
<br>the negotiation of the tunnel :( </div><span class="q"><br><blockquote class="gmail_quote" style="margin-top: 0; margin-right: 0; margin-bottom: 0; margin-left: 0; margin-left: 0.80ex; border-left-color: #cccccc; border-left-width: 1px; border-left-style: solid; padding-left: 1ex">
The situation when using two IPsec machines in the same subnet is fundamentally<br>different from having two IPsec machines with a box (or a whole internet) in<br>the middle. If you are doing this for testing a real world deployment, change
<br>the network and add a machine in the middle that's just a router.<br><br>Paul</blockquote></span><div><br>Yes, you are right, this is not a good test for real situations, but the only thing I<br>want to test now is that openswan is working well in the openwrt device. Once I see it
<br> working I will try different scenarios.<br></div><br>I have also tried some workarounds about the MTU size and they did not work for me.<br></div><br>I have another question also, sometimes (but not always) when I "turn on" the tunnel
<br>I have some strange routes added, I mean "things like those":<br><br>### See the table with a monospace font...<br>Kernel IP routing table<br>Destination Gateway Genmask Flags Metric Ref Use Iface
<br><a href="http://202.12.27.33" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">202.12.27.33</a> <a href="http://192.168.2.2" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.2.2</a> <a href="http://255.255.255.255" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">255.255.255.255</a> UGH 0 0 0 ipsec0<br><a href="http://192.228.79.201" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.228.79.201</a> <a href="http://192.168.2.2" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.2.2</a> <a href="http://255.255.255.255" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
255.255.255.255</a> UGH 0 0 0 ipsec0<br><a href="http://198.41.0.4" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">198.41.0.4</a> <a href="http://192.168.2.2" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.2.2</a> <a href="http://255.255.255.255" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">255.255.255.255</a> UGH 0 0 0 ipsec0<br><a href="http://193.0.14.129" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
193.0.14.129</a> <a href="http://192.168.2.2" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.2.2</a> <a href="http://255.255.255.255" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
255.255.255.255</a> UGH 0 0 0 ipsec0<br><a href="http://192.5.5.241" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.5.5.241</a> <a href="http://192.168.2.2" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.2.2</a> <a href="http://255.255.255.255" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">255.255.255.255</a> UGH 0 0 0 ipsec0 <br><a href="http://128.8.10.90" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
128.8.10.90</a> <a href="http://192.168.2.2" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.2.2</a> <a href="http://255.255.255.255" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
255.255.255.255</a> UGH 0 0 0 ipsec0<br><a href="http://192.112.36.4" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.112.36.4 </a><a href="http://192.168.2.2" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.2.2</a> <a href="http://255.255.255.255" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">255.255.255.255</a> UGH 0 0 0 ipsec0<br><a href="http://192.203.230.10" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.203.230.10</a> <a href="http://192.168.2.2" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)"> 192.168.2.2</a> <a href="http://255.255.255.255" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
255.255.255.255</a> UGH 0 0 0 ipsec0<br><a href="http://192.58.128.30" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.58.128.30</a> <a href="http://192.168.2.2" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.2.2</a> <a href="http://255.255.255.255" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)"> 255.255.255.255</a> UGH 0 0 0 ipsec0<br><a href="http://128.63.2.53" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
128.63.2.53</a> <a href="http://192.168.2.2" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.2.2</a> <a href="http://255.255.255.255" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
255.255.255.255</a> UGH 0 0 0 ipsec0 <br><a href="http://192.36.148.17" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.36.148.17</a> <a href="http://192.168.2.2" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.2.2</a> <a href="http://255.255.255.255" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">255.255.255.255</a> UGH 0 0 0 ipsec0<br><a href="http://198.32.64.12" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
198.32.64.12</a> <a href="http://192.168.2.2" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.2.2</a> <a href="http://255.255.255.255" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
255.255.255.255</a> UGH 0 0 0 ipsec0<br><a href="http://192.33.4.12" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.33.4.12</a> <a href="http://192.168.2.2" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.2.2</a> <a href="http://255.255.255.255" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">255.255.255.255</a> UGH 0 0 0 ipsec0<br><a href="http://192.168.2.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.2.0</a> <a href="http://0.0.0.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">0.0.0.0</a> <a href="http://255.255.255.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
255.255.255.0</a> U 0 0 0 eth0.1<br><a href="http://192.168.2.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.2.0</a> <a href="http://0.0.0.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
0.0.0.0</a> <a href="http://255.255.255.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">255.255.255.0</a> U 0 0 0 ipsec0 <br><a href="http://192.168.1.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.1.0</a> <a href="http://0.0.0.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">0.0.0.0</a> <a href="http://255.255.255.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
255.255.255.0</a> U 0 0 0 br-lan<br><a href="http://10.1.2.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">10.1.2.0</a> <a href="http://0.0.0.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
0.0.0.0</a> <a href="http://255.255.255.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">255.255.255.0</a> U 0 0 0 ipsec0<br><a href="http://169.254.0.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
169.254.0.0</a> <a href="http://0.0.0.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">0.0.0.0</a> <a href="http://255.255.0.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
255.255.0.0</a> U 0 0 0 eth0.0<br><a href="http://0.0.0.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">0.0.0.0</a> <a href="http://192.168.2.2" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.2.2</a> <a href="http://128.0.0.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">128.0.0.0 </a> UG 0 0 0 ipsec0<br><a href="http://128.0.0.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
128.0.0.0</a> <a href="http://192.168.2.2" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">192.168.2.2</a> <a href="http://128.0.0.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
128.0.0.0</a> UG 0 0 0 ipsec0<br><a href="http://0.0.0.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">0.0.0.0</a> <a href="http://192.168.2.2" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">
192.168.2.2</a> <a href="http://0.0.0.0" target="_blank" onclick="return top.js.OpenExtLink(window,event,this)">0.0.0.0</a> UG 0 0 0 eth0.1<br><br>Well this happened me before and the tunnel was working perfectly, but I don't
<br>know what the hell ipsec put some of this routes into the table.<br><br>Any help would be appreciated.<br><br>Thank you.<br>