[Openswan Users] Interop with Linksys: SA established, but no traffic coming through
Paul Wouters
paul at xelerance.com
Wed Dec 5 00:47:12 EST 2007
On Tue, 4 Dec 2007, Michael Tinsay wrote:
> Pinging a servers behind the Linksys router gives me 'TTL exceed' errors, which
Do a traceroute. It's most likely a routing loop.
> leftsubnet=192.168.45.0/24
> rightsubnet=222.222.222.0/24
> Here's the output of route -n after the tunnel has been established:
> ---BEGIN
>
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use Iface
> 10.64.64.64 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0
> 192.168.45.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
> 222.222.222.0 0.0.0.0 255.255.255.0 U 0 0 0 ppp0
> 169.254.0.0 0.0.0.0 255.255.0.0 U 1000 0 0 eth0
> 0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 ppp0
Ah. Your "default route" is extremely ugly. I wonder if netkey does not
know what to do with the packet and cuases the routing loop.
> ppp0 Link encap:Point-to-Point Protocol
> inet addr:122.52.36.27 P-t-P:10.64.64.64 Mask:255.255.255.255
wow. If you can switch ISP's, now would be a good time to do so. Their
network is ugly
Try:
route del default
route add -host 10.64.64.64 ppp0
route add default gw 10.64.64.64
ipsec setup restart
also, check with 'ipsec verify' to see if there are any other issues.
if all of that doesnt help, post a link to you "ipsec barf" output to
the list for us to have a look at.
Paul
More information about the Users
mailing list