[Openswan Users] redundant ipsec connections: route to peer's client conflicts with ... relesing old connection to free the route
Oguz Yilmaz
oguzyilmazlist at gmail.com
Thu Jun 4 02:17:37 EDT 2009
Hi,
I have a problem with Openswan.
I got the message "route to peer's client conflicts with ..., relesing
old connection to free the route"
On the central vpn machine I have 3 ipsec connecstions:
vpn1: 10.0.0.0/8 -> CentralVPNServer -> İnternetCloud -> İnternetDSL1
-> PeerSite1 (172.19.0.0/24)
vpn2: 172.16.0.0/24 -> CentralVPNServer -> İnternetCloud ->
İnternetDSL2 -> PeerSite1 (172.19.0.0/24)
vpn3: 172.17.0.0/24 -> CentralVPNServer -> İnternetCloud ->
İnternetDSL2 -> PeerSite1 (172.19.0.0/24)
As you can see PeerSite1 has 2 internet connections. Two of ipsecs are
through line 2, one of is through line 1.
I want to connect 3 networks behind CentralVPNServer to the peersite
over 2 peer internet lines.
At a moment only connections coming over one of DSL lines are up. WHen
vpn2+vpn3 up, vpn1 comes and openswan drops vpn2+vpn3 and establish
vpn1. This continues as vice versa. In an unknown time (from 5 to 15
minutes) all of three vpns are established together).
I think it is about the route which CentralVPNServer want to establish:
What can you propose?
Note: If I try leftsubnet=0.0.0.0;/0 on CentralVPNServer, it can not
match incoming VPN request with this definition.
Openswan version: openswan-2.4.13
Kernel: 2.6.18
More information about the Users
mailing list