[Openswan Users] Disappearing %defaultroute
Mario Lobo
mario.lobo at ipad.com.br
Thu Oct 20 10:46:52 CEST 2005
Hi;
I know this is in the FAQ. I was just wondering if there is any news on patches, fixups, etc...
I am using kernel 2.6.13.4 with all klips patches applied. I tried using ipsec.ko but pluto kept
seg faulting, so i compiled ipsec into the kernel. (no nat-t patches).
using openswan 2.4.0.
Everything works !!. Even with one end of the tunnel behind 2 NATs. I can ping all machines on the
LANs at both ends, from both ends.
LAN1 <--> GATEWAY(NAT) ipsec0 <--> ROUTER(NAT) <--> (internet) <--> ipsec0 (NAT)GATEWAY <--> LAN2
I left (overnight) a machine on LAN1 pinging a machine on LAN2 and vice-versa. When I arrived this
morning, both machines had stopped at around 5000 pings. When I checked the routes, the 0.0.0.0
route was going out through ipsec0 instead of eth0 interface on both GATEWAYs.
I tried:
ipsec tncfg --attach --virtual ipsec0 --physical eth0 (yes, eth0 IS my outter inerface)
the command performmed with no erros, but the default route was still through ipsec0. I tried
detach and re-attach but, results were the same.
Only a service network restart solved the problem.
I know it is easy to solve this with a cron script but I would like to avoid that. It would be
better to find out the whys and whats of this problem, and try to solve it from inside.
So I wrote to see if there is any new info on it.
Thanks,
--
//| //||
// | // ||
-//--//---|| ARIO LOBO
// // ||
---------------------------------
mario.lobo at ipad.com.br
http://www.ipad.com.br
More information about the Users
mailing list