Hi Paul,<br><br>Thanks for yor answer.<br>I've tried to use version 2.6.19, but same error has ocurred.<br>The SELinux has disabled.<br>The output of ipsec barf is attached.<br><br><br>Thanks,<br>Regards,<br clear="all">
---<br>Sérgio Cioban Filho - LPIC1<br>------------------------------------------------------------<br>| Linux - Servidores - Firewall - VPN<br>| Virtualização - VoIP - ShellScript - C - PHP <br>| <a href="http://cioban.googlepages.com">http://cioban.googlepages.com</a><br>
| +55 48 9989-8733<br>------------------------------------------------------------<br>..:: Seja livre, use LiNuX!! ::..<br>
<br><br><div class="gmail_quote">On Thu, Nov 27, 2008 at 5:21 PM, Paul Wouters <span dir="ltr"><<a href="mailto:paul@xelerance.com">paul@xelerance.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">On Thu, 27 Nov 2008, Sergio Cioban Filho wrote:<br>
<br>
> I'm testing openswan 2.6.18 in CentOS 5.1 with 2.6.18-53.1.13.el5 kernel.<br>
> The default openswan stak in CentOS/RedHat is NETKEY, but I trying use<br>
> KLIPS.<br>
<br>
</div>Try openswan 2.6.19?<br>
<div class="Ih2E3d"><br>
> The KLIPS module (ipsec) have compiled with no errors and the tunnel was<br>
> established without problems (net-to-net tunnel, with esp an without NAT).<br>
> The problem is, no packet traffic for the tunnel, when I send an icmp<br>
> packet, I get this error in log:<br>
> *klips_debug:rj_match: ***** not found. *<br>
> and<br>
> *ipsec_xmit_send: ip_route_output failed with error code*<br>
> and the tx error count in ipsec0 interface is increased.<br>
<br>
</div>Try disabling SElinux if you have not.<br>
<div class="Ih2E3d"><br>
> Does anyone have any idea of what is happening ?<br>
<br>
</div>show us 'ipsec barf' output.<br>
<font color="#888888"><br>
Paul<br>
</font></blockquote></div><br>