[Openswan Users] questions about %defaultroute
Paul Wouters
paul at xelerance.com
Fri Oct 13 20:09:59 EDT 2006
On Fri, 13 Oct 2006, Dan Meiron wrote:
> The laptop runs Suse Linux 10.1 and I have downloaded and installed
> openswan-2.4.4-18
If possible upgrade to something newer. 2.4.6 or 2.4.7rc2.
> Setting up IPsec policies done
> Starting IPsec IKE daemon (racoon) done
Interesting, you start the racoon daemon?
> ipsec_setup: Starting Openswan IPsec U2.4.4/K2.6.16.21-0.25-smp...
And then still can start openswan? It should complain about not being able to
find port 500
> ipsec_setup: no default route, %defaultroute cannot cope!!!
> I have looked at the various postings and read the Openswan book and checked
> that a default route does seem to exist on eth0: which is the wired
> interface:
>
> ip route gives
>
> 10.128.205.0/24 dev eth0 proto kernel scope link src 10.128.205.107
> 127.0.0.0/8 dev lo scope link
> default via 10.128.205.1 dev eth0
Is the route visible with "route -n" ? If it is some advanced route, perhaps
openswan isn't seeing it, and therefor does not know what interface to use?
> and in general on other networks I do get a default route. The laptop has two
> interfaces eth0 (wired) and eth1 wireless.
>
> I enabled ip forwarding on interface eth0 but I wouldn't have thought this
> was necessary amd it doesn't solve the issue
That's not neccesary indeed.
> My main goal is to set up a road warrior connection from this laptop to a
> Linksys RV0041 router. The connection entry following the Openswan book is
Are you using klips or netkey?
You could try as workaround:
interfaces="ipsec0=eth0 ipsec1=eth1"
Could you give me the output of "ipsec barf" before you use this workaround?
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list