[Openswan Users] IPv6 laptop configuration

Paul Wouters paul at xelerance.com
Wed Mar 17 10:26:25 EDT 2010

On Wed, 17 Mar 2010, Jason White wrote:

> Following on from the discussion last week, with my laptop at home and
> connected to my local LAN, I specified this configuration.
> On the laptop:
> conn jpc2-jdc
> connaddrfamily=ipv6
>  left=%defaultroute
>  leftid=@jpc2.jasonjgw.net
>  right=2001:44b8:702a:4770::2
>  leftrsasigkey=[key material omitted]
>  rightrsasigkey=[key material omitted]
>  auto=add

> If I then run ipsec auto --up jpc2-jdc from the laptop, it just hangs there.
> I checked out the default IPv6 route, which, due to IPv6 auto-configuration,
> turned out to be a link address (fe80 etc.). For test purposes I changed the
> route to the actual global address of the router: 2001:44b8:702a:4770::1 and
> confirmed that I could still route packets through it.

That seems like a bug :(

Can you report it on bugs.openswan.org?

> Attempting to bring up the tunnel still gave the same result however.
> Specifying the IPv6 address of the laptop explicitly in its configuration file
> is enough to enable the tunnel to be brought up. Obviously, this isn't
> desirable, given that the laptop has different IPv6 addresses when connected
> to different IPv6 networks.
> Any suggestions for improving this situation are welcome. I can carry out
> testing as necessary to help with the process, and obviously it isn't urgent.
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

More information about the Users mailing list