[Openswan Users] addconn defaultroutenexthop no longer likes %direct
Andreas Unterkircher
unki at netshadow.at
Tue Jan 19 13:37:16 EST 2010
Hello,
I encounter a problem with OpenSWAN 2.6.23 (klips, on Debian Lenny).
pppd is used for PPPoEing to an ISP and generates a default route via
device ppp0.
When I try to ipsec auto --add rtr-vpn the below configuration,
/usr/lib/ipsec/auto invokes addconn with the following syntax:
ipsec addconn --defaultroute 78.137.x.x --defaultroutenexthop %direct
rtr-vpn
What will fail with the message:
invalid default route: illegal (non-DNS-name) character in name
If I remove the "--defaultroutenexthop %direct" and invoke the command
manually, it works.
I also tried to use interfaces="ipsec0=ppp0", left=78.137.x.x and/or
specifying a leftnexthop address - but it makes no difference.
Someone else also seen this?
Cheers,
Andreas
rtr-vpncust01:/etc/ipsec.d/conf.d# ip ro sh dev ppp0
193.0.x.x proto kernel scope link src 78.137.x.x
default scope link
config setup
nat_traversal=no
OE=off
protostack=klips
interfaces="%defaultroute"
uniqueids=no
conn rtr-vpn
type=transport
leftrsasigkey="%cert"
leftcert=...
leftid="..."
left=%defaultroute
rightid="..."
rightrsasigkey="%cert"
right=91.213.x.x
auto=start
More information about the Users
mailing list