[Openswan Users] Ipsec0 entry in route table

Daren Hickman DarenHickman at ruggedcom.com
Tue Jan 2 10:43:17 EST 2007


I am using openswan 2.4.5 and I have a problem. When I reboot the Linux machine
with openswan stopped and then start openswan, my VPN comes up and everything is
fine.

When I reboot the machine with openswan running and I do an ip route show, it
places a route to the 10.0.0.0 network using the ipsec0 interface.

10.123.63.128/26 dev eth1  proto kernel  scope link  src 10.123.63.190
10.123.63.128/26 dev ipsec0  proto kernel  scope link  src 10.123.63.190
192.168.5.0/24 dev eth2  proto kernel  scope link  src 192.168.5.1
192.168.4.0/24 dev eth4  proto kernel  scope link  src 192.168.4.1
192.168.3.0/24 dev eth3  proto kernel  scope link  src 192.168.3.1
192.168.2.0/24 dev eth2  proto kernel  scope link  src 192.168.2.1
10.0.0.0/8 dev ipsec0  scope link
default via 10.123.63.189 dev eth1  proto static

When this route is in the route table, everything going to a 10.x.x.x network
is routed to the ipsec0 interface even if the source address doesn't match the
security association (bad).  Does anyone understand what is happening here?
When openswan is started on a machine that is already booted up, there is no
route for the ipsec0 interface when the tunnel comes up, and only the traffic
with both the correct source and destination addresses is tunneled.

Any help would be greatly appreciated.

Regards,

Daren
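
The behaviour described in the message above, as an added example that is not part of the original post: the kernel picks the outgoing device by longest destination-prefix match only, so this script replays the posted route table, reports which device a destination would use, and lists the ipsec0 routes. The function names and the test destinations are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Route table as posted above (output of `ip route show`).
ROUTES = """\
10.123.63.128/26 dev eth1  proto kernel  scope link  src 10.123.63.190
10.123.63.128/26 dev ipsec0  proto kernel  scope link  src 10.123.63.190
192.168.5.0/24 dev eth2  proto kernel  scope link  src 192.168.5.1
192.168.4.0/24 dev eth4  proto kernel  scope link  src 192.168.4.1
192.168.3.0/24 dev eth3  proto kernel  scope link  src 192.168.3.1
192.168.2.0/24 dev eth2  proto kernel  scope link  src 192.168.2.1
10.0.0.0/8 dev ipsec0  scope link
default via 10.123.63.189 dev eth1  proto static
"""

def parse_routes(text):
    """Return (network, device) pairs for the unicast route lines in text."""
    routes = []
    for line in text.splitlines():
        f = line.split()
        if not f or "dev" not in f:
            continue
        try:
            net = ipaddress.ip_network("0.0.0.0/0" if f[0] == "default" else f[0])
        except ValueError:
            continue  # route types this example does not model (blackhole, ...)
        routes.append((net, f[f.index("dev") + 1]))
    return routes

def egress_devices(routes, dst):
    """Devices holding the longest prefix that matches dst; the source is never consulted."""
    dst = ipaddress.ip_address(dst)
    matches = [(net.prefixlen, dev) for net, dev in routes if dst in net]
    best = max((p for p, _ in matches), default=None)
    return sorted({dev for p, dev in matches if p == best})

def audit(routes, tunnel_dev="ipsec0"):
    """List tunnel-device routes; 'duplicate' means another device has the same prefix."""
    by_net = defaultdict(set)
    for net, dev in routes:
        by_net[net].add(dev)
    findings = []
    for net, dev in routes:
        if dev == tunnel_dev:
            others = sorted(by_net[net] - {tunnel_dev})
            findings.append(("duplicate" if others else "tunnel-only", str(net), others))
    return findings

if __name__ == "__main__":
    table = parse_routes(ROUTES)
    print(egress_devices(table, "10.9.9.9"), audit(table))
```
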
