[Openswan Users] RTNETLINK answers: Network is unreachable

Xavier Mauricio Tirado Luna xaviertirado at hotmail.com
Mon Nov 5 14:03:22 EST 2007

Dear users,
I got a problem, 
RTNETLINK answers: Network is unreachable
Everything looks fine, i tried in a VMWare configuration and it worked out but when i take it to the real world it goes bad.
Here my ipsec.conf 
version 2.0
config setup        interfaces=%defaultroute
conn vpncom        compress=yes        left=        leftsubnet=        #leftid=@vpnleft        leftrsasigkey=0sAQPLybKue+kfjnQ7CNEp5Yqcwbshx+qN8su+FBx2U4k+cTHXJ7sz7iO4xcqCyeLlTNs1JlSO9D1Iv1wrWeKr        right=        #rightid=@vpnrigth        rightsubnet=        rightrsasigkey=0sAQN7/0Z7GOzBUinphWzaKR+HgUhWBRNoYuUhq4QfJetiSs6CP27hCpGpWRe5fyMAWEWpBQyXNA4O7nb        authby=rsasig        #authby=secret        auto=start
conn block        auto=ignore
conn private        auto=ignore
conn private-or-clear        auto=ignore
conn clear-or-private        auto=ignore
conn clear        auto=ignore
conn packetdefault        auto=ignoreLAST lines of ipsec auto --status
000 "vpncom":; erouted; eroute owner: #4000 "vpncom":     srcip=unset; dstip=unset000 "vpncom":   ike_life: 3600s; ipsec_life: 28800s; rekey_margin: 540s; rekey_fuzz: 100%; keyingtries: 0000 "vpncom":   policy: RSASIG+ENCRYPT+COMPRESS+TUNNEL+PFS+UP; prio: 24,24; interface: eth0;000 "vpncom":   newest ISAKMP SA: #1; newest IPsec SA: #4;000 "vpncom":   IKE algorithm newest: 3DES_CBC_192-MD5-MODP1536000000 #3: "vpncom" STATE_QUICK_R2 (IPsec SA established); EVENT_SA_REPLACE in 26573s000 #3: "vpncom" esp.8ac25ef4 at esp.80410cba at comp.6462 at comp.69c5 at tun.0 at tun.0 at #2: "vpncom" STATE_MAIN_R3 (sent MR3, ISAKMP SA established); EVENT_SA_REPLACE in 1372s; lastdpd=-1s(seq in:0 out:0)000 #4: "vpncom" STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 26088s; newest IPSEC; eroute owner000 #4: "vpncom" esp.41d1e48f at esp.c6c0bd4e at comp.10c9 at comp.a1cb at tun.0 at tun.0 at #1: "vpncom" STATE_MAIN_I4 (ISAKMP SA established); EVENT_SA_REPLACE in 808s; newest ISAKMP; lastdpd=-1s(seq in:0 out:0)000
some of /var/log/messages
Nov  5 13:27:45 contex ipsec_setup: KLIPS ipsec0 on eth0 broadcast  5 13:27:45 contex ipsec_setup: ...Openswan IPsec startedNov  5 13:27:45 contex ipsec_setup: Starting Openswan IPsec 2.3.0...Nov  5 13:27:45 contex ipsec_setup: insmod /lib/modules/2.6.9-42.ELsmp/kernel/net/key/af_key.koNov  5 13:27:45 contex ipsec_setup: insmod /lib/modules/2.6.9-42.ELsmp/kernel/net/ipv4/xfrm4_tunnel.koNov  5 13:27:45 contex ipsec__plutorun: 104 "vpncom" #1: STATE_MAIN_I1: initiateNov  5 13:27:45 contex ipsec__plutorun: ...could not start conn "vpncom"
some of /var/log/secure
Nov  5 13:27:55 contex pluto[421]: "vpncom" #1: received Vendor ID payload [Dead Peer Detection]Nov  5 13:27:55 contex pluto[421]: "vpncom" #1: transition from state STATE_MAIN_I1 to state STATE_MAIN_I2Nov  5 13:27:55 contex pluto[421]: "vpncom" #1: I did not send a certificate because I do not have one.Nov  5 13:27:55 contex pluto[421]: "vpncom" #1: transition from state STATE_MAIN_I2 to state STATE_MAIN_I3Nov  5 13:27:55 contex pluto[421]: "vpncom" #1: Main mode peer ID is ID_IPV4_ADDR: ''Nov  5 13:27:55 contex pluto[421]: "vpncom" #1: transition from state STATE_MAIN_I3 to state STATE_MAIN_I4Nov  5 13:27:55 contex pluto[421]: "vpncom" #1: ISAKMP SA establishedNov  5 13:27:55 contex pluto[421]: "vpncom" #4: initiating Quick Mode RSASIG+ENCRYPT+COMPRESS+TUNNEL+PFS+UP {using isakmp#1}Nov  5 13:27:56 contex pluto[421]: "vpncom" #4: transition from state STATE_QUICK_I1 to state STATE_QUICK_I2Nov  5 13:27:56 contex pluto[421]: "vpncom" #4: sent QI2, IPsec SA established {ESP=>0x41d1e48f <0xc6c0bd4e IPCOMP=>0x000010c9 <0x0000a1cb}
Anybody an answer, some ideas??? plz help me out
Connect to the next generation of MSN Messenger 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20071105/ac69ee5b/attachment.html 

More information about the Users mailing list