[Openswan Users] post tunnel creation question.
Gary W. Smith
gary at primeexalia.com
Sat Jan 15 01:03:43 CET 2005
Digging deeper into the problem I found that the tunnel was working. I
had a bad hard-coded route on my laptop. Adding {left,right}sourceip to
the connection also fixed the gw-gw ping...
I've spent 4 hours on something that was working... Doh.
Gary
________________________________
From: users-bounces at openswan.org [mailto:users-bounces at openswan.org] On
Behalf Of Gary W. Smith
Sent: Friday, January 14, 2005 5:26 PM
To: users at openswan.org
Subject: [Openswan Users] post tunnel creation question.
I'm new to ipsec so forgive me if this is simple.
I have looked over both the freeswan and openswan sites and can't really
find what I am looking for. I have established a tunnel between two
firewalls and everything appears to be working with the exception of
routing.
I can't ping either end of the network, including the initiator, over
the tunnel.
The routes look like this on the initiator's side:
63.185.225.128  0.0.0.0         255.255.255.128  U   0  0  0  eth0
10.94.16.0      63.185.225.129  255.255.255.0    UG  0  0  0  eth0
10.0.0.0        0.0.0.0         255.255.255.0    U   0  0  0  eth1
169.254.0.0     0.0.0.0         255.255.0.0      U   0  0  0  eth1
0.0.0.0         63.185.225.129  0.0.0.0          UG  0  0  0  eth0
The 10.94.16.x is the remote network. The other site looks about the
same (except pointing to this lan on eth0).
I have this in both configs:
conn a-to-b
    type=tunnel
    left=63.185.225.254
    leftsubnet=10.0.0.0/16
    leftid=@location.a
    leftrsasigkey=0soLLYAb7EUYCi+FbByIJOwMbH0F99W2EvBF3+zHnp
    leftnexthop=%defaultroute
    right=83.29.32.49
    rightsubnet=10.94.16.0/24
    rightid=@locationb
    rightrsasigkey=0sYXVoyk7PBn4toDslSw5EBGWPJS/u9x9uQasxuBm
    rightnexthop=%defaultroute
    auto=add
Did I miss something?
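
Added example, not part of the original thread: a small checker for the kind of problem the reply describes, a hard-coded route deciding where traffic for the tunnel's remote subnet goes. It runs a longest-prefix match over `route -n` style rows (the table below is the initiator's table from the post) and lists explicit routes that overlap a given subnet; the function names are hypothetical.

```python
import ipaddress

# Initiator routing table in `route -n` column order, copied from the post:
# Destination, Gateway, Genmask, Flags, Metric, Ref, Use, Iface.
ROUTES = """\
63.185.225.128 0.0.0.0        255.255.255.128 U  0 0 0 eth0
10.94.16.0     63.185.225.129 255.255.255.0   UG 0 0 0 eth0
10.0.0.0       0.0.0.0        255.255.255.0   U  0 0 0 eth1
169.254.0.0    0.0.0.0        255.255.0.0     U  0 0 0 eth1
0.0.0.0        63.185.225.129 0.0.0.0         UG 0 0 0 eth0
"""

def parse_routes(text):
    """Return (network, gateway, iface) tuples from `route -n` style rows."""
    rows = []
    for line in text.splitlines():
        f = line.split()
        if len(f) != 8:
            continue  # banner or blank line
        try:
            net = ipaddress.ip_network(f"{f[0]}/{f[2]}")
        except ValueError:
            continue  # column-header line or malformed row
        rows.append((net, f[1], f[7]))
    return rows

def select_route(routes, dest):
    """Longest-prefix match: the route the kernel would pick for dest."""
    addr = ipaddress.ip_address(dest)
    hits = [r for r in routes if addr in r[0]]
    return max(hits, key=lambda r: r[0].prefixlen) if hits else None

def shadowing_routes(routes, subnet):
    """Non-default routes overlapping subnet; these override the default route."""
    target = ipaddress.ip_network(subnet)
    return [r for r in routes if r[0].prefixlen > 0 and r[0].overlaps(target)]

if __name__ == "__main__":
    table = parse_routes(ROUTES)
    # rightsubnet from the conn in the post
    for net, gw, dev in shadowing_routes(table, "10.94.16.0/24"):
        print(f"explicit route {net} via {gw} dev {dev}")
    print("10.94.16.5 ->", select_route(table, "10.94.16.5"))
```

Running the same check against the routing table of each host behind the gateways (for example the laptop mentioned in the reply) shows whether a static entry is steering tunnel-bound traffic somewhere other than the IPsec gateway.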