[Openswan Users] no default routes
Paul Wouters
paul at xelerance.com
Mon Sep 20 17:45:27 CEST 2004
On Mon, 20 Sep 2004, Chris McKeever wrote:
> I have two network cards, eth0/eth1
> eth1 being the public side and eth0 being the private side
>
> route
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use Iface
> 192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
> 192.168.250.0 * 255.255.255.0 U 0 0 0 eth1
> 192.168.250.0 * 255.255.255.0 U 0 0 0 ipsec0
> default 192.168.0.254 0.0.0.0 UG 0 0 0 eth0
>
> If I leave interfaces=%defaultroute, then I get the ipsecn message,
> when I explicitly define ipsec0=eht1 , I can see the connections
> trying but unfortunately, the leftnexthop is defined wrong.
Can't you set leftnexthop to 192.168.250.20?
> I am trying to VPN through a switch
> (if you are wondering why - the switch is a wireless access point - so
> I am trying to only let authenticated users onto the lan)
>
> client(192.168.250.20) -- 192.168.250.1/left gateway/192.168.0.13
Is your gateway 192.168.0.13 or 192.168.0.254? According to the route cmd
it is 192.168.0.254.
> config setup
> interfaces="ipsec0=eth1"
> klipsdebug=none
> plutodebug=none
> plutoload=%search
> plutostart=%search
This is openswan-1?
> plutowait=no
> uniqueids=yes
>
> conn %default
> keyingtries=0
>
> conn statis
> left=192.168.250.1
> leftsubnet=192.168.0.0/24
> leftnexthop=192.168.250.10 <---- definately doesnt work
> right=%any
Why not right=192.168.250.20?
> any suggestions?
I'd need to see more information, such as an 'ipsec barf' to see more
details on what is going wrong. Likely there are non-standard routes,
like hostroutes that might be complicating things.
Paul
--
"Non cogitamus, ergo nihil sumus"
More information about the Users
mailing list