[Openswan Users]

Paul Wouters paul at xelerance.com
Wed Nov 23 17:53:45 CET 2005


On Wed, 23 Nov 2005, moses reuben wrote:

> My ipsec hosts are 192.168.20.20 and 172.16.20.20 (the tunnel left and right subnet are 172.16.0.0/16 and 192.168.0.0/16)
> and I'm sending ipcomp traffic from host to host (I have a device driver generating the ipcomp traffic). I see that the
> ipcomp traffic passes throw the ipsec0 but isn't encrypted just routed. Has anyone have an idea why this is happening
> (other local traffic is encrypted properly).

I am not sure what you mean with "ipcomp" traffic. The ipcomp kernel
module is only used with NETKEY, not KLIPS. You seem to be using KLIPS
since you have ipsec0 interfaces.  Traffic needs to be routed into an
ipsec0 device to be processed by KLIPS and thus get encrypted.

Paul


More information about the Users mailing list