[Openswan Users] routing problems after changing kernel from to

Daniel Hauser hausi73 at gmx.ch
Wed Dec 5 03:14:03 EST 2007

Hi Andrew
I found the point where it failed. For some unknown reason the old Kernel 
masqueraded the outgoing traffic after the IPsec routing was made and the new 
Kernel does this before. In this case the data packets to the IPsec tunnel 
seemed to come from the gateway itself instead of a machine behind the 
gateway and therefore were not routed to the tunnel.
My solution is to mark all traffic to the tunnel with iptables and only 
masquerade not marked packets.


On Tuesday 04 December 2007 17.29, Schley Andrew Kutz wrote:
> Okay, then I'm out :( My first and only guess. Unless you've been
> mucking with iptables and don't allow outbound connections...

More information about the Users mailing list