<div>Thank's for answering.</div><div><br></div>I will chek for it.<div>I can't use "ipsec eroute" It make me a error "/usr/lib/ipsec/eroute: NETKEY does not support eroute table."</div><div>I want de says thant when I do a traceroute of a IP adresse who is bihind the tunnel, the traceroute, don't use the tunnel.</div>
<div>The tunnel don't look to be taken.<br><div><br></div><div>Regards</div><div><br></div><div>Totoro<br><br><div class="gmail_quote">2011/5/6 Paul Wouters <span dir="ltr"><<a href="mailto:paul@xelerance.com">paul@xelerance.com</a>></span><br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;"><div><div></div><div class="h5">On Fri, 6 May 2011, SCHNEIDER Benoit wrote:<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
At my job we have a VPN's server who have many VPN tunnel up (near 300)<br>
I have a problem with on of them.<br>
The VPN is up, but when I'm trying to ping a IP adresse who is bihind the tunnel the ping packet go outsid of the<br>
tunnel. He look to don't take the right network intephace<br>
<br>
Did they have a way to see all routing table who work in Ipsec, and fixe it ?<br>
</blockquote>
<br></div></div>
I am not sure what you mean. For KLIPS, you can use "ipsec eroute" and "route -n" to<br>
check. With NETKEY you have to dig through "ip xfrm state" (and no routes are used)<br>
<br>
You probably have a typo in the address range and it matches no policies (and when<br>
using KLIPS, the typoed route was added) ?<br><font color="#888888">
<br>
Paul<br>
</font></blockquote></div><br>
</div></div>