[Openswan Users] route? problem

Robin Ericsson lobbin at gmail.com
Fri Jul 21 23:28:43 CEST 2006


Hi,

I'm having problems with my tunnel.

My setup is:
1: D-Link DI-824VUP+
2: Linux 2.4 with Openswan and Shorewall firewall

The tunnel goes up without any problems and if I initiate connection
from the D-Link everything works as it should, ping, tcp connections,
etc.

However, if I try to make any move from the Linux side nothing
happens. I'm not sure if this is due to the Linux side having multiple
network cards and such?

D-Link private ip is 192.168.0.1 and network /24.
Linux setup is eth0 = 192.168.1.1, network/24, eth1 = public ip where
tunnel is initiated.

Route looks like this after a successful tunnel:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
pub.lic.ip.nr   *               255.255.255.240 U     0      0        0 eth1
pub.lic.ip.nr   *               255.255.255.240 U     0      0        0 ipsec0
192.168.1.0     *               255.255.255.0   U     0      0        0 eth0
192.168.0.0     pub.lic.gt.wy   255.255.255.0   UG    0      0        0 ipsec0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         pub.lic.gt.wy   0.0.0.0         UG    0      0        0 eth1

As you can see, the route seems ok.

I've tried checking with tcpdump on the Linux as
tcpdump -i ipsec0 host 192.168.0.1

When I ping from 192.168.0.1 I see the ping request and the reply.
When I ping from the Linux server I see nothing. If I try a tcp
connect from Linux to 192.168.0.1 it ends up with a SYN_SENT, but the
funny thing is that the Linux side ip is listed as my public ip, not
192.168.1.1 as it should be.

Any ideas? I know I'm rambling at the moment :)

-- 
        regards,
        Robin


More information about the Users mailing list