[Openswan Users] Route to subnet not established?
Per Arnold Blåsmo
pab at norbit.no
Thu Mar 23 14:31:57 CET 2006
Hi!
My server is running Fedora FC4 with kernel 2.6.15-1.1833_FC4smp,
openswan-2.4.4-1.0.FC4.1 and ipsec-tools-0.5-4.
I have an error messages in my secure log that I think cases me problem
to communicate correctly through the tunnel.
Her is my output from my log:
netti pluto[18254]: "roadwarrior-net"[1] {my_homeext_ip} #2: responding
to Quick Mode {msgid:fadf9e9f}
netti pluto[18254]: "roadwarrior-net"[1] {my_homeext_ip} #2: transition
from state STATE_QUICK_R0 to state STATE_QUICK_R1
netti pluto[18254]: "roadwarrior-net"[1] {my_homeext_ip} #2:
STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2
netti pluto[18254]: "roadwarrior-net"[1] {my_homeext_ip} #2: up-client
output: Cannot open "/proc/sys/net/ipv4/route/flush"
netti pluto[18254]: "roadwarrior-net"[1] {my_homeext_ip} #2:
route-client output: Cannot open "/proc/sys/net/ipv4/route/flush"
netti pluto[18254]: "roadwarrior-net"[1] {my_homeext_ip} #2: transition
from state STATE_QUICK_R1 to state STATE_QUICK_R2
netti pluto[18254]: "roadwarrior-net"[1] {my_homeext_ip} #2:
STATE_QUICK_R2: IPsec SA established {ESP=>0x49524060 <0xea2f3543
xfrm=AES_256-HMAC_MD5 NATD=none DPD=none}
the error are:
up-client output: Cannot open "/proc/sys/net/ipv4/route/flush"
route-client output: Cannot open "/proc/sys/net/ipv4/route/flush"
which as I understand indicates that pluto is unable to flush the
routing tables after altering the routing.
I am not sure what is causing it and what the consequence is. But when i
ping (or any other requests) from my home network to a local machine on
the work subnet, the ping gets to the FW, but not to the locale machine.
The only differens from my home-fw and work-fw is that the work-fw runs
an smp kernel.
Anyone able to give a clu on what to do?
Per A.
More information about the Users
mailing list