[Openswan Users] openSWAN to Cisco IOS

Christian Brechbühler brechbuehler at gmail.com
Wed Nov 15 15:12:03 EST 2006


On 11/15/06, Frank.Mayer at knapp-systems.com <Frank.Mayer at knapp-systems.com>
wrote:
>
> Hi again,
>
> try setting
>         leftnexthop=<ip address of your default gw>


Now that IP shows up in the gateway column when I run route.  I think it's a
good thing.  Ping to 10.14.8.X doesn't complain anymore about unreachable
host.  I'm still not getting anything back, but that may be the other side's
intention (or misconfiguration).

> It's just that OpenS/WAN sometimes seems to be unable to figure out
> routing correctly if you're using "%defaultroute".
>
> OpenS/WAN usually adds a kernel route if you're starting a tunnel like
>         route add <rightsubnet> gw <leftnexthop>,
> if you are "left", or
>         route add <leftsubnet> gw <rightnexthop>,
> if you are "right".


Yup, I'm getting that now (as route -n shows).

> Usually, you need only one of them.
> What might be counterproductive in your case (not sure, but on a hunch) is
> that you define both "leftnexthop" and "rightnexthop" to be your default
> gateway.


The man page says "Relevant only locally, other end need not agree on it".
So I think, as I'm "left", the parameter rightnexthop will be ignored.  And
I should take it out to reduce confusion.
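
A check for the kernel route discussed in this thread, as an added example that is not part of the original posts: it reads `route -n` output and reports whether the route to the remote subnet goes through the expected next hop. The function names, the 10.14.8.0/24 prefix length, the 192.0.2.1 gateway and the sample routing table are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: confirm that the route "<rightsubnet> gw <leftnexthop>"
# is present in `route -n` output after the tunnel comes up.

# Convert a prefix length (0-32) to a dotted netmask, as shown by route -n.
prefix_to_mask() {
    p=$1; m=""
    for i in 1 2 3 4; do
        if [ "$p" -ge 8 ]; then o=255; p=$((p - 8))
        else o=$((256 - (1 << (8 - p)))); p=0
        fi
        m="${m}${m:+.}${o}"
    done
    echo "$m"
}

# Usage: route -n | check_tunnel_route <subnet/prefix> <nexthop>
# Prints ok, wrong-gateway:<gw>, or missing; exit status 0, 1 or 2.
check_tunnel_route() {
    net=${1%/*}; mask=$(prefix_to_mask "${1#*/}"); gw=$2
    awk -v net="$net" -v mask="$mask" -v gw="$gw" '
        $1 == net && $3 == mask {
            found = 1
            if ($2 == gw) ok = 1; else bad = $2
        }
        END {
            if (ok)    { print "ok"; exit 0 }
            if (found) { print "wrong-gateway:" bad; exit 1 }
            print "missing"; exit 2
        }'
}

# Constructed sample of `route -n` output on the "left" host
# (assumed values: rightsubnet 10.14.8.0/24, leftnexthop 192.0.2.1).
SAMPLE_ROUTES='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.0.2.0       0.0.0.0         255.255.255.0   U     0      0        0 eth0
10.14.8.0       192.0.2.1       255.255.255.0   UG    0      0        0 eth0
0.0.0.0         192.0.2.1       0.0.0.0         UG    0      0        0 eth0'

printf '%s\n' "$SAMPLE_ROUTES" | check_tunnel_route 10.14.8.0/24 192.0.2.1
```

On a live host, pipe the real `route -n` output into `check_tunnel_route` with the values from your own conn section.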