[Openswan Users] ipsec and "connect: Resource Temporarily Unavailable"
wsxwang at msn.com
Wed Nov 29 01:31:00 EST 2006
I have a problem while use ipsec on 2.6 kernel. The Linux box is mandrav
2006 Free edition with openswan 2.4.6. I update the kernel to 2.6.18, so
that NAT and IPSEC could work well on the same box.
local net IPSec/NAT gateway vpn IPSec/NAT gateway local net
Local net subnet1 and subnet2 does not know each other. The gateway
starts both IPSEC and NAT service on the same box. Nodes in subnet could
connect to Internet by NAT on gateway. Connection between gateway1 and
gateway2 is encrypted.
1. When IPSEC connection is established, everything goes well. But any
node in this network has trouble while connectting to a new host. For
Example, there is a node x in subnet2. Where node x ping a new host, it
gets the message: "connect: Resource Temporarily Unavailable". The new host
could be in anywhere, gateway1, gateway2, or some hosts on Internet.
2. When the IPSEC service is started, subnet's network is very slow,
whatever connection established or not. If IPSEC service is stoped, any
nodes in subnet1 or subnet2 could open a web page in several seconds, maybe
2 or 3. If IPSEC service is started, we need about 2minutes(max) to open a
web page, and sometimes we cannot open web pages.
Sorry about my pool English. I hope you can understand what I mean.
My real name is Wang Xiaoqi. I come from China. You could call me Rafael.
享用世界上最大的电子邮件系统― MSN Hotmail。 http://www.hotmail.com
More information about the Users