[Openswan Users] OpenSwan issue

Jay Smith me at jayftw.com
Wed Sep 16 13:37:43 EDT 2009


Hello,
    I figured as much. We know that the problem doesn't lie in openswan but
probably in iptables. Now I am not the one who put this all together so I
don't know the details. I do know that there isn't an interface, it's all in
the kernel (2.6). I am CCing the guy who did the work. What I am hoping is
that someone has had the exact same or similar problem who can tell us what
is wrong.
    I just tried eroute and got this message:
"/usr/lib/ipsec/eroute: No eroute table - no IPsec support in kernel (are
the modules loaded?)"
    THoughts?

Jay

On Wed, Sep 16, 2009 at 9:47 AM, Erich Titl <erich.titl at think.ch> wrote:

>
>
> Jay Smith wrote:
> > Hello,
> >      How are you doing? I figured that is the issue. Have you ever used
> > iptables with openswan,
>
> Yes, but basically they have nothing to do with each other, except for
> possibly blocking traffic. If you suspect the firewall being the
> culprit, then look at the  firewall logs.
>
> maybe you can give me a specific idea of what to
> > do. When setting up OpenSwan, is there anything I need to setup on
> > iptables or the iproute or anything? Let me know, this has been a major
> > pain. Thanks!
>
> Typically the tunnel routes should be set by OpenSwan itself. If you use
> 2.4 then you can sniff on the ipsec interface, for 2.6, using the kernel
> implementation it is more difficult.
>
> ipsec eroute should give you an idea which way the packets should go. It
> also tells you if your tunnels are up.
>
> cheers
>
> Erich
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090916/7e68c9f8/attachment.html 


More information about the Users mailing list