[Openswan Users] OpenSwan in UML
Jax
cybercorecentre at gmail.com
Sat Nov 4 06:03:39 EST 2006
Paul Wouters wrote:
> On Thu, 26 Oct 2006, Jax wrote:
>
>
>
>> "ipsec__plutorun: ipsec_auto: fatal error in "l2tp-psk-orgWIN2KXP":
>> %defaultroute requested but not known"
>>
>> Anyway the "%defaultroute requested" always in the log. It's obvious I don't
>> want to setup any default route for the 172.16.5.0 network which only for the
>> roadwarriors.
>>
>
> Then you should not use left=%defaultroute, but specify left's IP address, and
> perhaps leftnexthop=.
>
>
>> -the last issue with uml (and I think this isn't depend on hardware because I
>> tried on both host), sometimes the connection freeze for 10-30 sec and I think
>> this is connect to the previous routing error
>>
>
> I do not know what oculd be causing that. You will have to investigate
> further and see if you can find more symptoms or reasons.
>
>
Hello!
I solved this, and maybe the answer will interest the others who want to
do similar setup with uml. So what I did was to simply add +1 TAP device
to my uml, this way I got 2 interfaces, on 1 bridge.
bridge name bridge id STP enabled interfaces
br0 8000.00062950d82b no eth0
tap2
tap3
tap4
tap5
tap6
As you see I run few other uml on this host :) but it's not a problem
because after ipsec and the 2.nd subnet got an own interface, every
problem gone.
interfaces="ipsec0=eth1"
and modification in the uml init script:
....
sleep 30
tunctl -u $USER -t tap6
ifconfig tap6 0.0.0.0 promisc up
brctl addif br0 tap6
.....
It require a little time after tap5 (if this is the first interface of
the machine), but you can set lower sleep value.
The conclusion maybe that you don't use interface alias in uml for ipsec.
> Paul
>
Regards,
Jax
More information about the Users
mailing list