[Openswan Users] Encapsulate IP packets using source address different from local host's IP address

Jianqing Zhang arrow.jianqing at gmail.com
Tue Feb 17 17:46:38 EST 2009

To whom it may concern,

I configure SPs ans SAs using "ip xfrm policy" and "ip xfrm state" for
outgoing IP packets on My purpose is to use SA whose
source IP is different from the local host.

src dst proto udp dport 5002
dir out priority 2080 ptype main
tmpl src dst
proto esp reqid 10199 mode tunnel

src dst
proto esp spi 0x43001999 reqid 10199 mode tunnel
replay-window 32
auth hmac(sha1) 0x470b8df161ce85b0ecf870540a78929a8cd9b953
enc cbc(aes) 0xfbd25327d46ca4714bda3dedc80e8b86
sel src dst proto udp dport 5002

However, when I try to send a UDP packet, I get the following error message:

Invalid argument

Do I miss something or such a method is not feasible?


More information about the Users mailing list