[Openswan Users] multiple ipsec interface issue - any ideas?
Martin Glazer
sourceforge at glazer.ca
Thu Nov 3 04:08:18 CET 2005
Hey all,
I'm running OpenSwan 1.0.9 on a firewall with 2 internet connections - one
being the default route (eth1) and the other (eth0) specifically for traffic
to a single application provider.
Openswan is setup on the default interface (eth1) and works perfectly using
certificates and roadwarrior connections - this is ipsec0
I am trying to setup Openswan on the second interface (eth0) as well and have
designated this as ipsec1.
The issue I am having is that all vpn connections to ipsec1 do not complete -
they all stop at
"transition from state (null) to state STATE_MAIN_R1 "
and then nothing else.
I have checked the firewall rules (and even disabled the firewall completely)
and there is nothing there preventing IKE packets.
When running tcpdump on both interfaces, I see the original IKE request come
in on the correct interface (eth0/ipsec1), but outgoing replies are on the
default route interface (eth1/ipsec0).
Anybody have any ideas on solving this or can explain why it is happening?
Thanks
Martin
More information about the Users
mailing list