[Openswan Users] openswan weird ip routing issue
Randy Wyatt
rwyatt at nvtl.com
Tue Feb 16 12:34:29 EST 2010
The version of openswan under use is U2.6.22/K2.6.25.07.
The client gateway has the following configuration:
Problem Statement:
1.) Unable to ping host on leftsubnet from left gateway when
rightsubnet is set to 0.0.0.0/0
Configuration of left gateway:
config setup
    nat_traversal=yes
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
    protostack=netkey

conn ipsec-auto-psk
    authby=secret
    type=tunnel
    left=%defaultroute
    leftsubnet=192.168.1.0/24
    leftid=@nvtl.mifi.local
    leftsourceip=192.168.1.1
    right=216.188.XXX.YYY
    rightsubnet=0.0.0.0/0
    rightid=@dolphins.devnet.nvtl.local
    ike=3des-sha1
    phase2=esp
    phase2alg=3des-sha1;modp1024
    rekey=no
    auto=add
So for example, we are not able to ping 192.168.1.10 from 192.168.1.1
when the IPSEC SA is up.
If we "ipsec auto -down ipsec-auto-psk", we still have not resumed
connectivity. We don't get connectivity back until we
/etc/rc.d/init.d/ipsec stop.
Regards,
Randy