[Openswan Users] Nortel - Openswan - Road warrior configuration - nearly there but need help.

Herbert Xu herbert at gondor.apana.org.au
Fri Sep 24 22:17:03 CEST 2004

shad <shad.mortazavi at convergenceone.com> wrote:
> include /etc/ipsec.d/examples/no_oe.conf
> conn bwk
>       right= 70.xy.xy.4
>       rightsubnet=
>       pfs=yes
>       compress=no
>       rekey=yes
>       authby=secret
>       leftsubnet=192.y.x.48/
> My routing table now looks like;
> 192.yy.xx.0/24 dev eth0  proto kernel  scope link  src 192.yy.xx.51
> 192.yy.xx.0/24 dev vmnet1  proto kernel  scope link  src 192.yy.xx.1
> 172.yy.xx.0/24 dev vmnet8  proto kernel  scope link  src 172.yy.xx.1
> via 192.yy.xx.49 dev eth0

You are missing an src setting on this route.  You can get it by setting

The gateway field of the route is ignored in the presence of IPsec policies.
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

More information about the Users mailing list