[Openswan Users] R: R: Multiple interfaces ipsec/l2tp vpn openswan 2.6.26 [SOLVED]
Paul Wouters
paul at xelerance.com
Tue Jun 29 11:52:24 EDT 2010
On Tue, 29 Jun 2010, Federico Viel wrote:
> This is(was) the problem
I'll wait on Tuomo's comments here. He knows this magic best....
Paul
>
> On
> /usr/lib/ipsec/_updown.netkey
> .....
> 1 # old: route via pluto_interface
> 2 # parms2="$parms2 dev ${PLUTO_INTERFACE%:*} $IPROUTEARGS"
> 3
> 4 # new: route via proper interface according to routing table
> 5 if [ "$1" = "del" ]; then
> 6 PLUTO_PEER_INTERFACE=`ip -o route get $PLUTO_PEER_CLIENT | sed
> "s/^.*de$
> 7 else
> 8 PLUTO_PEER_INTERFACE=`ip -o route get $PLUTO_PEER | sed "s/^.*dev
> \([^ $
> 9 fi
> 10 if [ -z "$PLUTO_PEER_INTERFACE" ]; then
> 11 PLUTO_PEER_INTERFACE=$PLUTO_INTERFACE
> 12 fi
> 13 parms2="$parms2 dev ${PLUTO_PEER_INTERFACE%:*} $IPROUTEARGS"
> ...
>
>
> Commenting lines 5,6,7,8,9 solved the problem.
>
>
>
> Maybe this is a "issue" to fix? (in openswan 2.4.6 _updown script works
> fine)
>
> The question now is: Why net2net connections work without this patch?
> Thank you.
>
More information about the Users
mailing list