[Openswan Users] Fwd: route? problem
Robin Ericsson
lobbin at gmail.com
Mon Jul 24 22:42:06 CEST 2006
Anyone? Any ideas why my source address is wrong over the tunnel?
regards,
Robin
---------- Forwarded message ----------
From: Robin Ericsson <lobbin at gmail.com>
Date: Jul 21, 2006 10:28 PM
Subject: route? problem
To: users at openswan.org
Hi,
I'm having problems with my tunnel.
My setup is:
1: D-Link DI-824VUP+
2: Linux 2.4 with Openswan and Shorewall firewall
The tunnel goes up without any problems and if I initiate a connection
from the D-Link everything works as it should: ping, TCP connections,
etc.
However, if I try to make any move from the Linux side nothing
happens. I'm not sure if this is due to the Linux side having multiple
network cards and such?
D-Link private ip is 192.168.0.1 and network /24.
Linux setup is eth0 = 192.168.1.1, network/24, eth1 = public ip where
tunnel is initiated.
Route looks like this after a successful tunnel:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
pub.lic.ip.nr   *               255.255.255.240 U     0      0        0 eth1
pub.lic.ip.nr   *               255.255.255.240 U     0      0        0 ipsec0
192.168.1.0     *               255.255.255.0   U     0      0        0 eth0
192.168.0.0     pub.lic.gt.wy   255.255.255.0   UG    0      0        0 ipsec0
169.254.0.0     *               255.255.0.0     U     0      0        0 eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo
default         pub.lic.gt.wy   0.0.0.0         UG    0      0        0 eth1
As you can see, the route seems ok.
I've tried checking with tcpdump on the Linux as
tcpdump -i ipsec0 host 192.168.0.1
When I ping from 192.168.0.1 I see the ping request and the reply.
When I ping from the Linux server I see nothing. If I try a tcp
connect from Linux to 192.168.0.1 it ends up with a SYN_SENT, but the
funny thing is that the Linux side ip is listed as my public ip, not
192.168.1.1 as it should be.
Any ideas? I know I'm rambling at the moment :)
--
regards,
Robin