[Openswan Users] Ipsec0 entry in route table
DarenHickman at ruggedcom.com
Tue Jan 2 10:43:17 EST 2007
. I am using openswan 2.4.5 and I have a problem, when I reboot the LINUX machine
with openswan stopped and then start openswan my VPN comes up and everything is
When I reboot the machine with openswan running and I do and IP route show it
it places a route to the 10.0.0.0 network using the ipsec0 interface.
10.123.63.128/26 dev eth1 proto kernel scope link src 10.123.63.190
10.123.63.128/26 dev ipsec0 proto kernel scope link src 10.123.63.190
192.168.5.0/24 dev eth2 proto kernel scope link src 192.168.5.1
192.168.4.0/24 dev eth4 proto kernel scope link src 192.168.4.1
192.168.3.0/24 dev eth3 proto kernel scope link src 192.168.3.1
192.168.2.0/24 dev eth2 proto kernel scope link src 192.168.2.1
10.0.0.0/8 dev ipsec0 scope link
default via 10.123.63.189 dev eth1 proto static
When this route is in the route table everything going to a 10.x.x.x network
is routed to ipsec0 interface even if the source address doesn't match the security
association (bad). Does anyone understand what is happening here? When openswan is started on a machine that
is already booted up there is no route for the ipsec0 interface when the tunnel comes up and only the
traffic with both the correct source and destination addresses are tunneled.
Any help would be greatly appreciated.
No virus found in this outgoing message.
Checked by AVG Free Edition.
Version: 7.1.409 / Virus Database: 268.16.2/613 - Release Date: 1/1/2007
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users