[Openswan Users] Encrypting Local Network: Host-to-Host connection
Paul Wouters
paul at xelerance.com
Thu Jun 19 09:22:59 EDT 2008
On Thu, 19 Jun 2008, hiren joshi wrote:
> conn ab
> left=a.b.c.d
> right=a.b.c.e
>
> I observed that after connection establishment, the ARP request for the
> peer is sent to (00:00:00:00:00:01) instead of (ff:ff:ff:ff:ff:ff).
> The remote peer doesn't reply to the request. As a result peer is
> declared dead by the initiator after the specified interval.
Is this using netkey or klips?
> I tried with type=%direct (as mentioned in the openswan book by Paul),
> but with openswan-2.4.8, it results in error (ipsec_auto: fatal error in
> "htoh": unknown type "%direct").
Can you try openswan 2.4.12?
> Then I tried with leftnexthop=%direct, but observed the same ARP
> behavior.
Is there anything else that is different in your setup. This simple
setup should clearly work....
Paul
More information about the Users
mailing list