[Openswan Users] Openswan not routing XP client
Craig Chandler
Craig.Chandler at InterDynamics.com
Thu Feb 3 11:58:03 CET 2005
Hi all, i'm trying to configure a VPN tunnel through a Strongswan
gateway like this:-
o|Gateway|o=================o|XP Client
192.168.0.49 192.168.34.1 192.168.34.137
||
||
||
||
o
-
internal lan
192.168.0.105
currently i can ping the 192.168.0.49 from the XP client but not
192.168.0.105 and i cant work out why...?
There is no iptables active on any of the machines
and ip forwarding is turned "on" on the gateway machine
shtkicker:~# cat /proc/sys/net/ipv4/ip_forward
1
kernel version 2.6.10
Openswan U2.3.0/K2.6.10 (netkey)
ipsec.conf file
config setup
interfaces="ipsec0=eth1"
# Sample VPN connection
conn %default
authby=rsasig
# Local security gateway and subnet behind it.
left=192.168.34.1
leftsubnet=192.168.0.0/24
# Certificate of local security gateway
leftrsasigkey=%cert
leftcert=shtkicker-cert.pem
auto=add
conn roving
right=192.168.34.137
rightrsasigkey=%cert
rightcert=client-cert.pem
auto=add
Gateway route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use
Iface
192.168.34.137 192.168.34.137 255.255.255.255 UGH 0 0 0 eth1
192.168.34.0 192.168.34.1 255.255.255.0 UG 0 0 0 eth1
192.168.34.0 * 255.255.255.0 U 0 0 0 eth1
192.168.0.0 * 255.255.255.0 U 0 0 0 eth0
default 192.168.0.1 0.0.0.0 UG 0 0 0 eth0
XP Client route
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.34.137 192.168.34.137 1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.255 192.168.34.1 192.168.34.137 1
192.168.34.0 255.255.255.0 192.168.34.137 192.168.34.137 1
192.168.34.137 255.255.255.255 127.0.0.1 127.0.0.1 1
192.168.34.255 255.255.255.255 192.168.34.137 192.168.34.137 1
224.0.0.0 224.0.0.0 192.168.34.137 192.168.34.137 1
255.255.255.255 255.255.255.255 192.168.34.137 192.168.34.137 1
Default Gateway: 192.168.34.137
===========================================================================
192.168.0.105 route table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.105
30
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.105 192.168.0.105
30
192.168.0.105 255.255.255.255 127.0.0.1 127.0.0.1
30
192.168.0.255 255.255.255.255 192.168.0.105 192.168.0.105
30
192.168.34.0 255.255.255.0 192.168.0.49 192.168.0.105 1
192.168.49.0 255.255.255.0 192.168.49.1 192.168.49.1
20
192.168.49.1 255.255.255.255 127.0.0.1 127.0.0.1
20
192.168.49.255 255.255.255.255 192.168.49.1 192.168.49.1
20
192.168.140.0 255.255.255.0 192.168.140.1 192.168.140.1
20
192.168.140.1 255.255.255.255 127.0.0.1 127.0.0.1
20
192.168.140.255 255.255.255.255 192.168.140.1 192.168.140.1
20
224.0.0.0 240.0.0.0 192.168.0.105 192.168.0.105
30
224.0.0.0 240.0.0.0 192.168.49.1 192.168.49.1
20
224.0.0.0 240.0.0.0 192.168.140.1 192.168.140.1
20
255.255.255.255 255.255.255.255 192.168.0.105 192.168.0.105 1
255.255.255.255 255.255.255.255 192.168.49.1 192.168.49.1 1
255.255.255.255 255.255.255.255 192.168.140.1 192.168.140.1 1
Default Gateway: 192.168.0.1
===========================================================================
regards
--
Craig Chandler
Application Developer
InterDynamics Pty. Ltd.
Adelaide Office: Brisbane Office:
24th Floor, Santos House Level 3, Christie Centre
91 King William St. 320 Adelaide St.
Adelaide SA 5000 Brisbane Qld 4000
Tel: +61 8 8233 5965 +61 7 3229 8300
Fax: +61 8 8233 5858 +61 7 3010 9001
Craig.Chandler at InterDynamics.com
InterDynamics Web Page : http://www.InterDynamics.com
More information about the Users
mailing list