I tried to encrypt the connection between two immediate peers (same broadcast domain):<br><br>conn ab<br>left=a.b.c.d<br>right=a.b.c.e<br><br>I observed that after connection establishment, the ARP request for the peer is sent to (00:00:00:00:00:01) instead of (ff:ff:ff:ff:ff:ff).<br>
The remote peer doesn't reply to the request. As a result peer is declared dead by the initiator after the specified interval.<br><br>I tried with type=%direct (as mentioned in the openswan book by Paul), but with openswan-2.4.8, it results in error (ipsec_auto: fatal error in "htoh": unknown type "%direct").<br>
Then I tried with leftnexthop=%direct, but observed the same ARP behavior.<br><br>Any clue?<br><br>Thanks,<br>-hiren<br><br><br><br><br><br>