[Openswan Users] Fedora 8 and Netscreen

Michael Lavallee mlavalle at hotmail.com
Thu May 8 14:43:27 EDT 2008

Peter McGill wrote:
> However, the subnet definitions you're using only route traffic
> between two computers ( and through the tunnel.
> All other traffic will use the internet without encryption.
> You need to run the traceroute and telnet from your machine.
> And you can only communicate with on the remote end, nothing else.
> If is also the computer which runs openswan then add this:
> 	leftsourceip=
> Otherwise linux will default to the internet address as the source and it won't go
> through the tunnel.

is the computer that runs openswan, so I added the 
leftsourceip and restarted the service and the tunnel came back up 
okay.  From that box ( I tried to telnet to the other side 
( but it failed, so I ran a traceroute, and it still 
shows the traffic going outside the tunnel, which from what I think I 
know, is wrong.

traceroute to (, 30 hops max, 40 byte 
 1  nrba-dsl.onlink.net (  28.219 ms  28.181 ms  29.970 ms
 2 (  32.134 ms  34.034 ms  37.471 ms
 3 (  37.885 ms  39.817 ms  41.228 ms
 4  sdbrem02.ontera.ca (  42.153 ms * *
 5  * * *

I have the ipsec_barf, I wasn't sure if it was appropriate to post it 
here (message size) so I stuck it up at 
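
Added example, not part of the original message and not Openswan code: a simplified Python model of the point in the quoted reply, that a packet is encrypted only when both its source and destination fall inside the tunnel's subnet definitions, and that traffic generated on the gateway itself leaves with the internet address unless leftsourceip is set. All addresses are constructed placeholders, and the function names are hypothetical.

```python
import ipaddress

# Constructed sample values (the thread's real addresses are not on the page).
PUBLIC_IP = "203.0.113.10"       # gateway's internet-facing address
LEFTSUBNET = "192.168.10.5/32"   # local side of the tunnel: a single host
RIGHTSUBNET = "10.20.30.40/32"   # remote side of the tunnel: a single host


def matches_tunnel(src, dst, leftsubnet=LEFTSUBNET, rightsubnet=RIGHTSUBNET):
    """True when both addresses fall inside the tunnel's subnet definitions."""
    return (ipaddress.ip_address(src) in ipaddress.ip_network(leftsubnet)
            and ipaddress.ip_address(dst) in ipaddress.ip_network(rightsubnet))


def source_for_local_traffic(leftsourceip=None):
    """Source address of packets generated on the gateway itself.

    Simplified model: without leftsourceip the address of the outgoing
    (internet) interface is used; with it, the configured inside address.
    """
    return leftsourceip if leftsourceip else PUBLIC_IP


def path_for(dst, leftsourceip=None):
    """Return 'tunnel' or 'cleartext' for a connection opened on the gateway."""
    src = source_for_local_traffic(leftsourceip)
    return "tunnel" if matches_tunnel(src, dst) else "cleartext"


if __name__ == "__main__":
    cases = [
        ("no leftsourceip, remote host", "10.20.30.40", None),
        ("leftsourceip set, remote host", "10.20.30.40", "192.168.10.5"),
        ("leftsourceip set, other remote host", "10.20.30.41", "192.168.10.5"),
    ]
    for label, dst, lsip in cases:
        print(f"{label:38s} -> {path_for(dst, lsip)}")
```

A traceroute that lists ISP routers as hops corresponds to the "cleartext" result here: the packet did not match the tunnel's subnet pair and followed the default route.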
