[Openswan Users] OpenSwan issue
Jay Smith
jay.smith06 at gmail.com
Wed Sep 16 13:23:31 EDT 2009
Hello,
I figured as much. We know that the problem doesn't lie in openswan but
probably in iptables. Now I am not the one who put this all together so I
don't know the details. I do know that there isn't an interface, it's all in
the kernel (2.6). I am CCing the guy who did the work. What I am hoping is
that someone has had the exact same or similar problem who can tell us what
is wrong.
I just tried eroute and got this message:
"/usr/lib/ipsec/eroute: No eroute table - no IPsec support in kernel (are
the modules loaded?)"
THoughts?
Sincerely,
Jay Smith
210.323.8119
http://www.twitter.com/Jay_FTW
Ogden Nash <http://www.brainyquote.com/quotes/authors/o/ogden_nash.html> -
"The trouble with a kitten is that when it grows up, it's always a cat."
On Wed, Sep 16, 2009 at 9:47 AM, Erich Titl <erich.titl at think.ch> wrote:
>
>
> Jay Smith wrote:
> > Hello,
> > How are you doing? I figured that is the issue. Have you ever used
> > iptables with openswan,
>
> Yes, but basically they have nothing to do with each other, except for
> possibly blocking traffic. If you suspect the firewall being the
> culprit, then look at the firewall logs.
>
> maybe you can give me a specific idea of what to
> > do. When setting up OpenSwan, is there anything I need to setup on
> > iptables or the iproute or anything? Let me know, this has been a major
> > pain. Thanks!
>
> Typically the tunnel routes should be set by OpenSwan itself. If you use
> 2.4 then you can sniff on the ipsec interface, for 2.6, using the kernel
> implementation it is more difficult.
>
> ipsec eroute should give you an idea which way the packets should go. It
> also tells you if your tunnels are up.
>
> cheers
>
> Erich
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090916/7253b0e0/attachment.html
More information about the Users
mailing list