[Openswan dev] ip_hdr discrepancies
Paul Wouters
paul at xelerance.com
Mon Feb 9 23:58:50 EST 2009
On Wed, 24 Dec 2008, Sybille Ebert wrote:
>>> Now the "shunt SA of DROP or no eroute" is gone, but I get:
>>>
>>> klips_debug:ipsec_xmit_send: ip_route_output failed with error code -22,
>>> dropped
>
> I am not an expert, but from the logs I would assume that the packed
> gets encrypted, but cannot be output because ip_route_output_key fails.
> I have confirmed that I have the correct route ("ip route ls") and that
> the packet destination address matches rightsubnet. I have tried pinging
> from inside network as well as from gateway itself (by setting
> leftsourceip or by manually assigning IP to ipsec0). I've tried to
> create routes manually. Yet, nothing helps. If I change to netkey, all
> these scenarios work (meaning I can see ESP packet being sent with tcpdump).
Let me know if this is still a problem with openswan 2.6.20.
Paul
More information about the Dev
mailing list