[Openswan Users] Odd behavior Linux Client to working 'roadwarrior' server
Rick Romero
rick at havokmon.com
Fri Aug 25 16:59:26 EDT 2006
Rick Romero wrote:
> Jacco de Leeuw wrote:
>
>> Rick Romero wrote:
>>
>>
>>> Aug 25 12:26:17 localhost pluto[3645]: ERROR: asynchronous network
>>> error report on eth0 (sport=4500) for message to 24.164.254.185 port
>>> 4500, complainant 64.198.2.71: No route to host [errno 113, origin
>>> ICMP type 3 code 1 (not authenticated)]
>>>
>> Could you try adding a leftnexthop=<IPofyourgateway> ?
>>
>> Jacco
>>
> The client is XP, so I assume you mean the VPN server (I know I replied
> to a solution for a different issue).
> I did that, under the 'roadwarrior' setup (Nate Carlson's config):
> conn roadwarrior
>     left=%defaultroute
>     leftnexthop=64.198.2.78
>     leftcert=vpn.pem
>     right=%any
>     rightsubnet=vhost:%no,%priv
>     auto=add
>     pfs=yes
>
> I get the same error.
>
> I also noticed that I can't connect from XP on the same subnet as the
> VPN machine, where my XP IP is 64.198.2.77, and the VPN machine is
> 64.198.2.71. Is that right too? I'm totally second-guessing myself
> now. I ran tcpdump on the gateway, and I don't even see any packets from
> XP on that subnet (if I say type=auto instead of l2tp on XP, I do see
> the pptp attempt). I have to call someone at home to test it for me...
>
> Rick
>
>
Ah-ha. Minor change to Nate's config: add
    leftnexthop=vpn's gateway
to conn roadwarrior-l2tp.
I really need to pick up that book... I haven't felt things were this far over my head in a long time :)
Thanks!
Rick