[Openswan Users] -!- Routing Problems %defaultroute requested but not known -!-
Paul Wouters
paul at xelerance.com
Thu Sep 16 19:12:19 CEST 2004
On Thu, 16 Sep 2004, neptuno wrote:
> OK, I set policy to ACCEPT, no filter rules. I'm doing nat/masquerading
> excluding -d \! 192.168.0.0/16 destinations at both sides.
> Sep 16 12:32:24 brainless ipsec_setup: ...Openswan IPsec started
> Sep 16 12:33:44 brainless kernel: IN=eth1 OUT=ipsec0 SRC=192.168.201.225
> DST=192.168.200.210 LEN=96 TOS=0x00 PR ....
> Sep 16 12:33:45 brainless kernel: IN=eth1 OUT=ipsec0 SRC=192.168.201.225
> DST=192.168.200.210 LEN=96 TOS=0x00 PR ....
> Sep 16 12:33:47 brainless kernel: IN=eth1 OUT=ipsec0 SRC=192.168.201.225
> DST=192.168.200.210 LEN=96 TOS=0x00 PR .....
According to these you are dropping those packets.
> Sep 16 12:32:33 brainless pluto[6868]: "vpn1" #2: IPsec SA established
> {ESP=>0x84a2b2a8 <0x04e05ca6}
> Sep 16 12:32:42 brainless pluto[6868]: "vpn1" #1: ignoring Delete SA payload:
> PROTO_IPSEC_ESP SA(0x84a2b2a7) not found (maybe expired)
Both sides are not in sync? Did you only restart one end?
First disable all firewall rules, then restart both ends and see if the problem
goes away. If it does, retune your firewall rules.
Paul