[Openswan Users] RoadWarrior problems : route-host output:/usr/lib/ipsec/_updown: (incorrect or missing nexthop??)
"Artem Tambovskiy"
tambovsky at mail.ru
Fri Jun 11 09:32:32 CEST 2004
Hi,
Just removed a rightnexthop string from RW ipsec.conf it doesn't help at all
[root at db-srv super-freeswan]# ipsec auto --verbose --up road
002 "road" #1: initiating Main Mode
104 "road" #1: STATE_MAIN_I1: initiate
106 "road" #1: STATE_MAIN_I2: sent MI2, expecting MR2
108 "road" #1: STATE_MAIN_I3: sent MI3, expecting MR3
002 "road" #1: Main mode peer ID is ID_DER_ASN1_DN: 'C=RU, L=St-Petersburg, O=TSIC, CN=ms-stp'
002 "road" #1: ISAKMP SA established
004 "road" #1: STATE_MAIN_I4: ISAKMP SA established
002 "road" #2: initiating Quick Mode RSASIG+ENCRYPT+COMPRESS+TUNNEL+PFS
117 "road" #2: STATE_QUICK_I1: initiate
002 "road" #2: route-host output: SIOCADDRT: Network is unreachable
002 "road" #2: route-host output: /usr/lib/ipsec/_updown: `route add -net 172.16.10.0 netmask 255.25
5.255.0 dev ipsec0 gw 217.74.130.35' failed
002 "road" #2: route-host output: /usr/lib/ipsec/_updown: (incorrect or missing nexthop setting??)
003 "road" #2: route-host command exited with status 7
032 "road" #2: STATE_QUICK_I1: internal error
Any other suggestions?
Regards,
Artem
>
> On Thu, 10 Jun 2004, [koi8-r] "Artem Tambovskiy" wrote:
>
> > RoadWarrior:
> > conn road
> > auto=add
> > left=212.213.61.152
> > leftcert=db-srv-cert.pem
> > right=217.74.130.35
> > rightsubnet=172.16.10.0/24
> > rightnexthop=172.16.10.1
>
> This is wrong. remove rightnextop from here. Though it shouldn't be
> used, since road is actually left, not right. Still, it doesn't make
> sense, even on the other end.
>
> Paul
> --
>
> <Reverend> IRC is just multiplayer notepad.
>
>
>
More information about the Users
mailing list