[Openswan Users] multiple tunnels, only the first connects
Paul Wouters
paul at xelerance.com
Fri Jun 4 02:22:58 CEST 2004
On Thu, 3 Jun 2004, Matt Harrell wrote:
> Now, when I try to bring up the tunnels, only the first tunnel to my work
> comes up. The rest fail (the customer VPNs all work great, but they're to
> different versions of Symantec Enterprise Firewall).
Could you stop openswan start it, add the first tunnel, add the second
tunnel, and run 'ipsec barf' and mail me the output. I'd be interested
to see what is going on. Can you also try the same again, but with the
order of the two tunnels reversed?
> Based on the output from the "ipsec auto --up" commands, it appears as
> though after the first tunnel, the others are not performing full
> negotiations. The first tunnel sends "STATE_MAIN" data and "STATE_QUICK".
> However, after that, the other tunnels are only sending "STATE_QUICK"
> packets.
Are you putting up two different tunnels from the same src-dst gateways,
but with different subnets? If so, I can recreate something like that
and see if I can reproduce your problem.
Paul
More information about the Users
mailing list