[Openswan Users] IPSec authentication, but can't ping the desired network

Paul Wouters paul at xelerance.com
Wed Jan 30 17:56:15 EST 2008

On Wed, 30 Jan 2008, Brian Chang wrote:

>   000 #2: "softlayer":500 STATE_QUICK_I2 (sent QI2, IPsec SA established); EVENT_SA_REPLACE in 28196s; newest IPSEC; eroute owner
>   000 #2: "softlayer" esp.6ad0d110 at esp.dca4fcdd at tun.0 at tun.0 at

Looks like it established, so most likely you are NAT'ing or firewalling

>   conn softlayer
>           type=tunnel
>           authby=secret
>           auto=start
>           left=
>           leftnexthop=
>           leftsubnet=
>           right=
>           rightnexthop=

rightnexthop's gateway is not within right's network? Is this a
really bad ISP with pppoe/pptp?

>           rightsubnet=

And your subnet is behind your router? That makes no sense to me.

>   I’m about to ditch Openswan for a crappy Linksys router with vpn (ugh!), so if anyone has ideas I’d be very happy :D

the linksys routers come with either freeswan or openswan, so I
doubt you'll gain much :)

Building and integrating Virtual Private Networks with Openswan:

More information about the Users mailing list