[Openswan Users] OpenSwan issue

Jay Smith jay.smith06 at gmail.com
Wed Sep 16 13:23:31 EDT 2009

    I figured as much. We know that the problem doesn't lie in openswan but
probably in iptables. Now I am not the one who put this all together so I
don't know the details. I do know that there isn't an interface, it's all in
the kernel (2.6). I am CCing the guy who did the work. What I am hoping is
that someone has had the exact same or similar problem who can tell us what
is wrong.
    I just tried eroute and got this message:
"/usr/lib/ipsec/eroute: No eroute table - no IPsec support in kernel (are
the modules loaded?)"


Jay Smith

Ogden Nash <http://www.brainyquote.com/quotes/authors/o/ogden_nash.html>  -
"The trouble with a kitten is that when it grows up, it's always a cat."

On Wed, Sep 16, 2009 at 9:47 AM, Erich Titl <erich.titl at think.ch> wrote:

> Jay Smith wrote:
> > Hello,
> >      How are you doing? I figured that is the issue. Have you ever used
> > iptables with openswan,
> Yes, but basically they have nothing to do with each other, except for
> possibly blocking traffic. If you suspect the firewall being the
> culprit, then look at the  firewall logs.
> maybe you can give me a specific idea of what to
> > do. When setting up OpenSwan, is there anything I need to setup on
> > iptables or the iproute or anything? Let me know, this has been a major
> > pain. Thanks!
> Typically the tunnel routes should be set by OpenSwan itself. If you use
> 2.4 then you can sniff on the ipsec interface, for 2.6, using the kernel
> implementation it is more difficult.
> ipsec eroute should give you an idea which way the packets should go. It
> also tells you if your tunnels are up.
> cheers
> Erich
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090916/7253b0e0/attachment.html 

More information about the Users mailing list