[Openswan Users] ipsec routes

Brad Chang openswan at dotnoc.com
Mon Mar 29 10:18:20 CEST 2004 

new config still the same result.  thanks for taking a look

65.39.254.0/24 dev eth0  proto kernel  scope link  src 65.39.254.254
65.39.254.0/24 dev ipsec0  proto kernel  scope link  src 65.39.254.254
172.16.0.0/16 dev eth1  proto kernel  scope link  src 172.16.0.1
0.0.0.0/1 via 65.39.254.1 dev ipsec0
128.0.0.0/1 via 65.39.254.1 dev ipsec0
default via 65.39.254.1 dev eth0

version 2.0

config setup
        forwardcontrol=yes
        interfaces=%defaultroute
        klipsdebug=none
        plutodebug=none
        syslog=syslog.debug
        uniqueids=yes

conn kel-to-van
        left=65.39.254.254
        leftid=@vanvpn1.dotnoc.com
        leftnexthop=65.39.254.1
       
leftrsasigkey=0sAQN7SHTr6TWrTwsIyDYSkcE1B5x800gyC3suEJCnGiuMqFq2Eury412u9t/SqMyViVZzZWuUqN6JA8yy5AMruWvJr6xAmrCPS01f12RX9zWsURdFCSqFjv43TeYsf7X3FE8TSD0ZtQ98cj+evMzUt6+55m+u1hAR0zaDZ7AjNEj78gb3nMk6aQ25dGLfRse+hex7BMgrFPXGyaTtkHOfOm+froSqfKtCfXh7EURid68OkN8dXAbOvwLKLZHAgcKXrSvb3DQmBdGFTrsiT7x1S5d1jaibHSSV1/jYYr6vhwR+DEetpRDN4uL1fjLIZskIrXDxksNF32LP1UrEfeAsAU7TYfReOpjoodnOjX5I91S/TfKT
        right=24.70.248.254
        rightid=@office.dotnoc.com
        rightnexthop=24.70.248.1
       
rightrsasigkey=0sAQPQoNAP+br7wiHmPv/xFGmbWAvRopbyVCeJ14sVqci7Kh0AYKdGwVsCA33YwSFXlt5Zejzsbjb6HqJV3tJaDLFAZtNB/S5Y0Op68rNBtzFWUb3LTXQ+zfVJWoG43lqpn8PdoH7AZ2dtm3TJk73xATU1+/G/rZkE1BoZOkbsAQN5myZERHUnaFsUwfth+CCLwn43l4hrx//9TrFESLeK3j1XSNmBPzC2Cqw+4u3eLSPb61YbN2QhiTZ4l49ODfPq8Oj9E1KZz7WybqM/A3XqSU2QIjYaxu3OPIqrbfKWzonRlmEdAy7dGd8IwHKR2YYdvPyGniaief0qqshSz6nmUTrLK/qE4he1H3HiO1WkHVjCFr7vjwdfCXfjgEEWCUz0qltsX1gwBy/U0eUbGc7Zq2q7pTrXnm+mIuSZNkO7ie53ajqjgx+okAMin+0QeGjVAUXPznlp4WmdYYbz4tiBbnRDxlDnb74oCxbIQcEsNFb3wD70q90t026a5R74aGdp4oiUEaZAOK6Q8XQNm4y0KDNx2WEHVWkDyUAHHCF9ZqaK0RGoEZOe26Rqrbm1W3ts1ok=
        auto=add

conn block
        auto=ignore
conn private
        auto=ignore
conn clear
        auto=ignore
conn clear-or-private
        auto=ignore
conn packetdefault
        auto=ignore




Quoting Paul Wouters <paul at xelerance.com>:

> On Sun, 28 Mar 2004, Brad Chang wrote:
> 
> > #config setup
> > #        forwardcontrol=yes
> > #        interfaces=%defaultroute
> > #        klipsdebug=none
> > #        plutodebug=none
> > #        syslog=syslog.debug
> > #       uniqueids=yes
> 
> You should not comment out the setup section. You should change the values
> of the items in it, if you really have to. 
> 
> > 
> > conn block
> >         auto=ignore
> > conn private
> >         auto=ignore
> > conn clear
> >         auto=ignore
> > conn clear-or-private
> >         auto=ignore
> 
> You forgot to add an ignore for conn packetdefault
> 
> Paul 
> 
> 






Thanks and best regards,
-Brad Chang
-http://www.dotnoc.com


-------------------------------------------------------------------
hosting,web design and managed services @ http://www.dotnoc.com

More information about the Users mailing list