[Openswan Users] VPN is up, routing problem
Paul Wouters
paul at xelerance.com
Mon Aug 27 11:26:06 EDT 2007
On Mon, 27 Aug 2007, Ludovic MARCILLY wrote:
> > In my logs, i can see "Ipsec SA established" but i can't ping 192.168.1.0/
> > 24 networks computers from 192.168.2.0/24 network.
> >
> > Here is the routing table on Linux 2:
> >
> > 81.23.32.136 0.0.0.0 255.255.255.248 U 0 0 0 eth2
> > 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
> > 192.168.1.0 81.23.32.138 255.255.255.0 UG 0 0 0 eth2
> > 10.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 eth1
> > 0.0.0.0 81.23.32.138 0.0.0.0 UG 0 0 0 eth2
> >
> > I don't paste here the routing table of Linux 1 since it is almost the same
> > thing. (it the same thing for ipsec.conf).
> >
> > If i add a route which tell that gateway to reach 192.168.1.0/24 network is
> > 81.23.32.137, it works well but i don't want to add the route manually.
Your routing tables says that 192.168.1.0/24 lives at 81.23.32.138, while you
want it to live behind 81.23.32.137 (via ipsec). You should remove the route
for 192.168.1.0 to 81.23.32.138 then.
Paul
More information about the Users
mailing list