[Openswan Users] Routing problem

Paul Wouters paul at xelerance.com
Wed Feb 7 09:14:15 EST 2007


On Wed, 7 Feb 2007, Ludovic wrote:

> I just have a  new problem. VPN is loaded, trafic goes through vpn and
> i can't access router interface. Trafic to 192.168.7.1 goes through
> ipsec0 interface.
>
> Here is routing table:
>
> 192.168.7.0   0.0.0.0         255.255.255.0 eth2
> 192.168.7.0   0.0.0.0         255.255.255.0 ipsec0

This route into ipsec0 is bogus. I am hunting down this bug myself too.
Is this on a system with busybox, and its version of the "ip" command?
I'm running into this myself on openwrt. What is a workaround for me
is to do:

	route del 192.168.7.0 dev ipsec0
	route add 192.168.7.1 dev eth2

I think this is a bug in the _updown script.

> When upgrading openswan, i also have patched kernel to do load
> balancing (http://www.ssi.bg/~ja/#routes). Can this patch have bad
> effects on openswan?

Your current problem is not the result of those patches I think. They might
have other effects, since they patch the NAT/MASQ and netfilter/iptables
code. I wouldn't know without doing serious testing.

Paul
-- 
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155


More information about the Users mailing list