[Openswan Users] vpn route problem
José Angel Blanco González
jose at treelogic.com
Wed Apr 12 19:24:23 CEST 2006
Hello, I am trying to configure a vpn net-net connection between openswan - cisco concentrator.
The connection establish ok but I can´t route packets.
The topology is
10.242.192.0/27-----195.55.11.30-----------------------------------------212.89.0.28-----10.10.2.0/23
This is a copy of the conn in /etc/ipsec.conf
conn vpn-net
# Left security gateway, subnet behind it, nexthop toward right.
type= tunnel
authby=secret
keyingtries=1
keyexchange=ike
esp=3des-md5-96
pfs=yes
left=195.55.11.30
leftsubnet=10.242.192.0/27
leftnexthop=%defaultroute
# Right security gateway, subnet behind it, nexthop toward left.
right=212.89.0.28
rightsubnet=10.10.2.0/23
rightnexthop=%defaultroute
# To authorize this connection, but not actually start it,
# at startup, uncomment this.
auto=start
I receive the msg "IPSec SA established" but I cant route.
"route -n" shows this
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.242.192.0 0.0.0.0 255.255.255.224 U 0 0 0 eth1
195.55.11.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
10.10.2.0 195.55.11.1 255.255.254.0 UG 0 0 0 eth0
0.0.0.0 195.55.11.1 0.0.0.0 UG 0 0 0 eth0
If I try "route add -net 10.10.2.0 netmask 255.255.254.0 gw 212.89.0.28" I receive the message "Network is unreachable"
How could I route packets to remote vpn?
Thank you
JOSE
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20060412/ef310486/attachment.htm
More information about the Users
mailing list