[Openswan Users] linksys problems
Boris Sagadin
boris at intera.si
Mon Apr 4 09:56:11 CEST 2005
Hello,
I'm trying to establish a VPN tunnel between linux server and linksys
BEFVP41 router.
network is:
192.168.1.0/24--193.77.158.124--213.250.19.90----213.250.19.90--193.95.221.221--10.25.0.0/24
213.250.19.90 is ISP router, which is the same default route for both
ADSL clients.
I have followed the instructions at http://www.freeswan.ca/docs/BEFVP41/
Tunnel comes up fine, but no data is ever sent over the ipsec interface.
When I ping the remote LAN, I get this in logs:
Apr 4 08:42:02 tenzor kernel: klips_debug:ipsec_findroute: 193.77.158.124:0->10.25.0.101:0 1
Apr 4 08:42:02 tenzor kernel: klips_debug:rj_match: * See if we match exactly as a host destination
Apr 4 08:42:02 tenzor kernel: klips_debug:rj_match: ** try to match a leaf, t=0xc3598780
Apr 4 08:42:02 tenzor kernel: klips_debug:rj_match: *** start searching up the tree, t=0xc3598780
Apr 4 08:42:02 tenzor kernel: klips_debug:rj_match: **** t=0xc3598798
Apr 4 08:42:02 tenzor kernel: klips_debug:rj_match: **** t=0xc7576cc0
Apr 4 08:42:02 tenzor kernel: klips_debug:rj_match: ***** cp2=0xcf2b3928 cp3=0xc7576130
Apr 4 08:42:02 tenzor kernel: klips_debug:rj_match: ***** not found.
Apr 4 08:42:02 tenzor kernel: klips_debug:ipsec_tunnel_start_xmit: checking for local udp/500 IKE packet saddr=c14d9e7c, er=00000000, daddr=a190065, er_dst=0, proto=1 sport=0 dport=0
Apr 4 08:42:02 tenzor kernel: klips_debug:ipsec_tunnel_start_xmit: Original head,tailroom: 16,28
Apr 4 08:42:02 tenzor kernel: klips_debug:ipsec_tunnel_start_xmit: shunt SA of DROP or no eroute: dropping.
No packets are being sent over the link:
ipsec0 Link encap:Point-to-Point Protocol
inet addr:193.77.158.124 Mask:255.255.255.255
UP RUNNING NOARP MTU:16260 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:62 overruns:0 carrier:0
collisions:0 txqueuelen:10
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
Routing looks OK:
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
213.250.19.90 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
213.250.19.90 0.0.0.0 255.255.255.255 UH 0 0 0 ipsec0
192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.25.0.0 213.250.19.90 255.255.255.0 UG 0 0 0 ipsec0
192.168.254.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
0.0.0.0 213.250.19.90 0.0.0.0 UG 0 0 0 ppp0
ipsec verify
Checking your system to see if IPsec got installed and started correctly
Version check and ipsec on-path [OK]
Checking for KLIPS support in kernel [OK]
Checking for RSA private key (/etc/ipsec.secrets) [OK]
Checking that pluto is running [OK]
DNS checks.
Looking for forward key for tenzor [NO KEY]
Does the machine have at least one non-private address [OK]
Two or more interfaces found, checking IP forwarding [OK]
Checking NAT and MASQUERADING
tun0x1006 at 193.95.221.221:0 [OK]
Barf log is at http://guest.gorenc.com/barf.txt.gz
Any comments much appreciated.
--
lp,
Boris Sagadin boris at intera.si
More information about the Users
mailing list